Tesla has confirmed that a major data breach affecting nearly 76,000 employees and containing sensitive corporate information was carried out by two former staff members. The breach was first reported by German newspaper Handelsblatt on May 25, 2023, which claimed that whistleblowers had passed it confidential information about the company. The leaked information allegedly revealed that Tesla’s autopilot function had bigger technical problems than originally thought.
In a data breach notice published on the Office of the Maine Attorney General website, Tesla revealed that 75,735 individuals had been affected by the incident. The notice, penned by Tesla’s data privacy officer, Steven Elentukh, focused on the wrongdoing of the unnamed duo. “A foreign media outlet (named Handelsblatt) informed Tesla on May 10, 2023, that it had obtained Tesla confidential information,” the notice stated. “The investigation revealed that two former Tesla employees misappropriated the information in violation of Tesla’s IT security and data protection policies and shared it with the media outlet.”
Tesla obtained a court order against the two former employees, seizing devices thought to contain the exfiltrated information. The company also obtained court orders prohibiting the former employees from further use, access, or dissemination of the data, subject to criminal penalties. Tesla cooperated with law enforcement and external forensics experts and will continue to take appropriate steps as necessary.
The compromised data includes names, home and email addresses, phone numbers, employee information, and Social Security numbers of current and former employees. Dor Fledel, CEO of Spera, argued that the incident highlights the challenge of enforcing the principle of least privilege among employees. Handelsblatt claimed to have 100GB of data from the insiders, containing thousands of vehicle malfunction and crash reports.
Source: Infosecurity Magazine
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.