Tesla Data Breach Investigation Reveals Inside Job

Tesla acknowledged In a filing with Maine's attorney general that a recent data breach it experienced affecting over 75,000 individuals was due to "insider wrongdoing."

On May 10, Handelsbatt, a German media outlet, informed Tesla that it had received 100GB of data from an informant at Tesla. The information provided by the whistleblower contained 23,000 internal files from 2015 to 2022 concerning Tesla allegedly receiving 3,900 reports of self-acceleration and brake-function issues. The files also contained crash reports and thousands of incidents of drivers expressing safety concerns over Tesla's driver assistance system. 

In a subsequent investigation of the breach, Tesla found that two former employees "misappropriated the information in violation of Tesla's IT security and data protection policies and shared it with the media outlet." Handelsbatt has informed Tesla that it does not intend to publish the compromised information, nor would it legally be allowed to. 

In Tesla's filing with the state of Maine, the company reported its chief privacy offer had contacted all the affected individuals detailing what happened, what information was involved, what Tesla is doing, and what affected individuals can do moving forward. 

Tesla has obtained court orders that prohibit its former employees from further using or accessing the data; lawsuits against them have resulted in the seizure of their electronic devices that allegedly contained the leaked Tesla information, including names of current and former employees and other personal information.

"This breach makes it clear that Tesla did not have the right controls in place to prevent this type of breach. It is actually more common than people think to have former employees' access to systems remain active after they have left the company," wrote Lior Yaari, CEO and co-founder of Grip Security, in an emailed statement. "Without more information, it is difficult to know whether this was a lack of security controls or the result of two disgruntled employees who stole the data with malicious intent."

Tesla is providing complimentary credit monitoring through Experian's IdentityWorks for those affected by the breach.