Tesla Insider Data Breach Exposed Over 75,000
A filing with the Maine Attorney General’s Office shows the Tesla breach involved employee-related records, including social security numbers. The company is suing two former employees over the breach.
Tesla on Friday shed more light on its May data breach, showing that the incident involved employee records and blaming “insider-wrongdoing,” according to a notice filed with the Maine Attorney General’s Office.
The notice, filed by Tesla Data Privacy Officer Steven Elentukh, says a total of 75,735 people (including current and former Tesla employees) were impacted by the breach. The filing says leaked info included social security numbers.
Tesla sent a letter dated Aug. 18 to inform affected individuals. The letter said the leaked personal information included current and former employees’ names and contact information. The letter did not mention the social security number leaks.
“A foreign media outlet (named Handelsblatt) informed Tesla on May 10, 2023, that it had obtained Tesla confidential information,” the leader reads. “The investigation revealed that two former Tesla employees misappropriated the information in violation of Tesla’s IT security and data protection policies and shared it with the media outlet.”
Tesla says in the letter that the company immediately acted to “contain the incident, understand the scope and protect your information.”
Leak Leads to Investigation, Lawsuits
Tesla has filed lawsuits against the two former employees responsible for the leak and obtained court orders that prevent them from further use, access, or dissemination of the data. “Tesla cooperated with law enforcement and external forensics experts and will continue to take appropriate steps as necessary,” according to the letter.
Handelsblatt, one of Germany’s top news organizations, said it received more than 100 GB of data from the former Tesla employees. The news site used the information for a story claiming Tesla failed to adequately protect data obtained from customers, employees, and business partners. The files also included the social security number of Tesla CEO Elon Musk, according to the Guardian.
Tesla is offering impacted individuals support with a complimentary membership to Experian’s IdentityWorks, to monitor for suspicious credit activity, though the company says, “We have no evidence that any personal information was misused in a manner that could harm you.”
Tesla’s Data Privacy Woes Keep Piling Up
The May breach was not the first time Tesla faced major privacy concerns. An April letter from US Senators Edward J. Markey and Richard Blumenthal questioned Musk about reports that employees had been sharing sensitive images recorded by cameras in customers’ vehicles between 2019 and 2022, according to Reuters. Tesla faces a class action lawsuit as a result of that report.
“This apparent willful disregard for the privacy of Tesla customers is unacceptable and raises serious questions about Tesla’s management practices,” the senators’ letter said, according to Reuters.
What to Read Next:
Top Secret: Pentagon Leak Sheds Light on Insider Attack Threat
Protecting From the Threat Within: How To Manage Insider Risk
75% of Insider Cyber Attacks are the Work of Disgruntled Ex-Employees: Report
About the Author
You May Also Like