Tesla has said that insider wrongdoing was to blame for a data breach affecting more than 75,000 company employees, TechCrunch reported.
Tesla, the electric car maker owned by Elon Musk, said in a data breach notice filed with Maine’s attorney general that an investigation had found that two former employees leaked more than 75,000 individuals’ personal information to a foreign media company.
“The investigation revealed that two former Tesla employees misappropriated the information in violation of Tesla’s IT security and data protection policies and shared it with a media outlet,” Steven Elentukh, Tesla’s data privacy officer, wrote in the notice.
According to TechCrunch, this information includes personally identifying information, including names, addresses, phone numbers, employment-related records and Social Security numbers belonging to 75,735 current and former employees.
Tesla said two former employees had shared the data with German newspaper Handelsblatt. The outlet assured Tesla that it wouldn’t publish the information and that it is “legally prohibited from using it inappropriately,” according to the notice.
The publication obtained more than 23,000 internal documents, dubbed the “Tesla Files,” containing 100 gigabytes of confidential data. This included employees’ personal information, customer bank details, production secrets and customer complaints about Tesla’s Full Self-Driving (FSD) features.
According to Handelsblatt, Musk’s Social Security number was also included in the leak.
The Verge reported that, according to a filing with the state of Maine’s attorney general office, Tesla’s data privacy officer Steven Elentukh, reported the breach as “insider wrongdoing,” leaking employee information including social security numbers.
The Maine filing includes a template letter by Elentukh written to send to affected employees in the state. It confirms that Handelsblatt, the German media outlet recipient of 100GB of Tesla’s data, had notified Tesla on May 10th that it had received confidential information.
According to The Verge, what Handelsblatt did let out was customer complaints about Tesla’s Full Self-Driving (FSD). It found that the automaker’s advanced driver-assistant system, which aims to achieve autonomous city driving capability, had 2,400 self-acceleration issues and more than 1,500 braking problems reported by customers. The occurrences spanned between 2015 and March 2022. Tesla demanded that Handelsblatt delete the data, according to the news outlet.
The Verge also reported that this isn’t the first time Tesla employees have mishandled internal data. In April, it was reported that workers viewed and shared private videos recorded by customers’ Teslas, which are made from the vehicles’ Sentry Mode security systems.
Personally, I think this entire situation is a gigantic mess. It appears that the two employees who sent personal information about the other employees to a German news site not only shouldn’t have done that, but also should face some kind of reprimand for what they did. The other sketchy part of this story is that some Tesla employees appear to enjoy spying on Tesla owners through videos the vehicle creates.