Tesla, the world-renowned American electric car manufacturer, revealed that the Tesla data leak, which occurred earlier this year and compromised sensitive personal information belonging to more than 75,000 individuals, was orchestrated by two of its former employees.
It was confirmed after investigations that the Tesla data leak was the work of two former employees who misappropriated the personal information of its staff in violation of Tesla’s IT security policies by sharing it with a media outlet.
According to Tesla’s data privacy officer, Steven Elentukh, the data compromised in the breach was disclosed to the German media organization Handelsblatt by the former Tesla employees.
The Tesla notice about the employee data leak read, “A foreign media outlet (named Handelsblatt) informed Tesla on May 10, 2023 that it had obtained Tesla confidential information.”
Being legally prohibited against improper utilization of the released Tesla employee data and harboring no intentions of publication, Handelsblatt promptly notified the company about the occurrence.
Following this, the Austin-based car giant identified the two Tesla insiders who leaked data of nearly 75,735 employees and filed a lawsuit against them.
“These lawsuits resulted in the seizure of the former employees’ electronic devices that were believed to have contained the Tesla information,” the Tesla data leak notice read.
Confidential Tesla data leak controlled by former employees
The data leaked by the two former Tesla employees included names, addresses, numbers, and email addresses of former and current employees. Over 100GB of confidential data belonging to the company was leaked.
The Tesla data leak documents were named Tesla Files which included tables with over 100,000 names of the company’s workers.
This also had Elon Musk’s Social Security Number, The Guardian reported. However, the leaked Tesla data remains yet to be verified by the news organization.
Tesla data breach notification was officially submitted to the Attorney General of Maine by Steven Elentukh, who holds the position of Data Privacy Officer at Tesla.
The sensitive nature of Tesla data leak
A Reuters report published earlier on April 7, 2023 read, “To develop self-driving car technology, Tesla collects a vast trove of data from its global fleet of several million vehicles.”
The Sentry mode in Tesla cars, a feature that enabled recording the suspicious activity of a parked car allowed alerting its owner about the same.
However, this showed how people who walked past the vehicles were recorded without their knowledge.
Addressing the privacy breach involved with this recording, Katja Mur, a board member of the Dutch Data Protection Authority said, “If a person parked one of these vehicles in front of someone’s window, they could spy inside and see everything the other person was doing. That is a serious violation of privacy.”
More serious privacy breaches came forward between 2019 and 2022 when Tesla employees exchanged private videos and images recorded by the customer’s car cameras.
These visuals were shared via internal messaging systems which was investigated by Reuters that contacted over 300 former Tesla employees.
On the condition of anonymity, some of the employees said that the following recordings among others were shared but not kept:
- An undressed man approaching a vehicle.
- A crash video from 2021 involving a Tesla car ramming into a residential area and hitting a child.
- Images of dogs and hilarious road signs that employees made memes of and shared in private group chats.
While automaker Tesla claimed that the recordings would remain anonymous and not linked to the customer or their vehicle it could still be used to breach their privacy and trace them.
The former Tesla employees interviewed by Reuters said that they were given access to the location of the recordings which could lead them to trace the whereabouts of the user including their residence.
The said content was not accessed or checked by Reuters as the employees they spoke to said that those videos were not stored.
In April 2023, Tesla was taken to court by two ex-employees who won a case against the company for racial discrimination, Reuters reported.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
