The data of 75,753 individuals was compromised in a Tesla hack—and an insider job is apparently to blame. Tesla identified and filed lawsuits against two former employees over the cyber breach, resulting in the seizure of their electronic devices.
On May 10, German media outlet Handelsblatt informed Tesla that it had obtained confidential information about current and former Tesla employees, including names and contact information such as addresses, phone numbers, and email addresses. The data protection office in Brandenburg, home to Tesla’s European gigafactory, described the data leak as “massive.”
Upon investigation, the electric carmaker found that “two former Tesla employees misappropriated the information in violation of Tesla’s IT security and data protection policies and shared it with the media outlet,” Steven Elentukh, the company’s data privacy officer said in an Aug. 18 notice detailing the incident, which was posted by the office of the Maine Attorney General.
Although the company said the media outlet doesn’t plan to use the information and that it has not identified evidence of misuse of the data yet, it still took action to contain the breach.
100: Number of gigabytes of confidential data in the Tesla files shared with Handelsblatt, Sebastian Matthes, the outlet’s editor-in-chief, wrote in an editor’s note on May 25 about what he’s calling the Tesla Files. The German publication spent months going through 23,000 files.
Salaries of employees, customers’ bank details, secret details from production, and more, were leaked. Founder and CEO’s Elon Musk’s social security number was also among the compromised data, according to the Guardian. The leaked data also included around 4,000 customer complaints about its self-driving features—2,400 of sudden acceleration and 1,500 of braking issues, including 383 cases of “phantom braking,” as per a previous Insider report.
Ireland-headquartered Experian, one of the largest credit bureaus, has an identity theft protection service called IdentityWorks. It lets users check if their phone number, email and address are exposed online—which could put you at risk for identity theft, hacking and robocalls—and even helps them remove thie info.
Tesla is offering affected people a limited complimentary membership of Experian’s IdentityWorks. People must make sure they enroll before the company-given codes expire on Nov. 30, 2023.
“While identity restoration assistance is immediately available to you, we also encourage you to activate the fraud detection tools available through Experian IdentityWorks” for “superior identity detection and resolution of identity theft,” the company wrote in its Aug. 18 memo.
In 2018, Tesla filed a lawsuit alleging that Martin Tripp, a former process technician at the company’s Gigafactory in Nevada, illegally hacked the company’s confidential and trade secret information and transferring gigabytes of it to third parties, even making false claims about Tesla using punctured battery cells in certain Model 3 vehicles, the true amount and value of “scrap” material that Tesla generated during the manufacturing process, and delays in bringing new manufacturing equipment online.