Dutch Authorities Looking Into Massive Data Breach By Tesla
Thursday, 1. June 2023
A potentially massive data leak is being looked into by the authorities after it was alleged Tesla failed to adequately protect data from customers, employees and business partners.
The data protection watchdog for the Netherlands said on Friday (May 26) it was aware of possible Tesla data protection breaches, but it was too early for further comment.
Germany newspaper Handelsblatt reported on Thursday (May 25) that Tesla had allegedly failed to protect data, citing 100 gigabytes of confidential data leaked by a whistleblower.
“We are aware of the Handelsblatt story and we are looking into it,” a spokesperson for the AP data watchdog in the Netherlands, where Tesla’s European headquarters is located, told Reuters.
They declined all comment on whether the agency might launch or have launched an investigation, citing policy. The Dutch agency was informed by its counterpart in the German state of Brandenberg.
Handelsblatt said Tesla notified the Dutch authorities about the breach, but the AP spokesperson said they were not aware if the company had made any representations to the agency.
Tesla was not immediately available for comment on Friday on the Handelsblatt report, which said customer data could be found “in abundance” in a data set labelled “Tesla Files”.
The data protection office in Brandenburg, which is home to Tesla’s European gigafactory, described the data leak as “massive”.
“I can’t remember such a scale,” Brandenburg data protection officer Dagmar Hartge said, adding that the case had been handed to the Dutch authorities who would be responsible if the allegations led to an enforcement action.
The Dutch authorities has several weeks to decide whether to deal with the case as part of a European procedure, she added.
The files include tables containing more than 100,000 names of former and current employees, including the social security number of Tesla CEO Musk, along with private email addresses, phone numbers, salaries of employees, bank details of customers and secret details from production, Handelsblatt reported.
Adrianus Warmenhoven, a cybersecurity expert at NordVPN, said: “Autonomous intelligence technology is the most advanced type of AI, as it removes the need for human intervention.
“While we may still be a long way off a driver being able to take their eyes off the road, we are still putting faith in something which we don’t yet fully understand.
“This new technology is being designed with the driver in mind, but it is crucial that cybersecurity is not forgotten, as there may be dangers hiding beyond the control panel.
“It would take hackers a lot of work to bypass the built-in security features of these cars, but they could still find a way.
“Ransomware, wireless carjacking, key fob cloning and cyber-attacks on connected devices in the hardware and software of the car are all potential security concerns that could arise.
“This is an exciting time for car makers and the potential positives of self-driving cars outweigh the negatives. However, without a strong cybersecurity focus to future-proof these desirable vehicles, there is a risk criminals could already be preparing to manipulate this technology — so they can make a quick getaway without a hand on the steering wheel.” By Graham Hill thanks to Fleet News