Inside Job Suspected in Enormous Data Breach at Tesla, Affecting 75,000 Employees
Written by Sanjay Kumar
News Highlights
- Tesla Data Breach Exposes 75,000 Records Due to Insider Wrongdoing.
- Former Employees Leak Tesla Confidential Data to Media Outlet.
- Legal Action Taken as Tesla Investigates May Data Breach.
Tesla
Automotive company
- Formerly – Tesla Motors, Inc. (2003–2017)
- Type – Public
- Industry – Automotive, Renewable energy
- Founded – July 1, 2003; 20 years ago in San Carlos, California, U.S.
- Founders – See § Founding
- Headquarters – Gigafactory Texas, Austin, Texas, U.S.
- Number of locations – 1,068 sales, service and delivery centers
- Area served – East Asia, Europe, Middle East, North America, Oceania, Southeast Asia
- Key people – Elon Musk (CEO), Robyn Denholm (chair)
- Number of employees – 127,855 (2022)
Tesla Inc. experienced a data breach in May that impacted over 75,000 employees. The breach involved records related to employees and was attributed to “insider wrongdoing,” as detailed in a notice published by the office of the Maine Attorney General.
The breach had a direct impact on a total of 75,735 employees, including nine residents of Maine. These individuals seem to have been either current or former employees of Tesla, the automaker headquartered in Austin, Texas.
On August 18, a letter sent by Tesla to the affected individuals alongside the data breach notification shed light on the incident. According to this letter, a foreign media entity named Handelsblatt notified Tesla on May 10, 2023, about its possession of confidential Tesla information. The subsequent investigation uncovered that two ex-Tesla employees had inappropriately obtained the information, violating Tesla’s IT security and data protection policies, and subsequently shared it with the mentioned media outlet.
The communication further stated that Tesla initiated legal action against the two former employees, although the jurisdiction wasn’t specified. These legal measures resulted in the confiscation of electronic devices suspected to contain company-related data.
The letter emphasized that Tesla secured court orders to prevent the former employees from any further utilization, access, or dissemination of the compromised data, under the threat of criminal consequences. Throughout the process, Tesla cooperated closely with both law enforcement and external experts in digital forensics. The company expressed its commitment to continue taking necessary actions moving forward.
Despite the developments, Steven Elentukh, Tesla’s data privacy officer, remained silent in response to an email seeking comments.
