Former Tesla employees stole data of over 75,000 staff, company says

Over 75,000 current and former employees of car manufacturer Tesla are being notified their personal information was stolen in an insider data breach.

Tesla notified the Maine attorney general’s office Friday of the breach, which occurred on May 10. The same day, according to a copy of a letter sent to victims and filed with the state, the German Handelsblatt media group notified the company that it had learned of the breach and obtained a copy of stolen information.

On investigating, Tesla discovered that two former Tesla employees had “misappropriated the information in violation of the manufacturer’s IT security and data protection policies and shared it with the media outlet.”

The data is described as contact information such as as address, phone number, and/or email address of staff.

The company then sued the former employees, which enabled the seizure of their electronic devices that were believed to have contained the Tesla information. Tesla also got court orders that prohibit the former employees from further use, access, or dissemination of the data, subject to criminal penalties.

The notice to the state of Maine says data of 75,735 people was copied. According to Tesla’s website, it has over 100,000 employees.

Related content: Should management lose their jobs for an insider attack?

Tesla co-operated with law enforcement and external forensics experts, and will continue to take appropriate action. The victims are being offered credit monitoring support.

The notice doesn’t say where the data theft took place, or why a German media firm was given a heads-up by the hackers. The company has offices in the U.S., China, Germany and Australia, and factories in Germany and China.

Related content: Canada issues guide on insider threats

Insider cyber attacks aren’t uncommon, but they aren’t anywhere near the majority of breaches of security controls. Verizon’s annual Data Breach Investigations Report, which has over a decade of data on attacks around the world, suggests an average of 30 per cent of attacks can be traced to insiders.

In the most recent report, 20 per cent of the 5,177 breaches looked at were caused by insiders.

Insiders would include contractors and partners allowed access to an organization’s IT network as well as employees.

Related content: Signs you have an insider problem

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now