Over 75,000 employees of the corporation were impacted by a data breach, according to Tesla, which claimed insider malfeasance was to blame.
Tesla, the Elon Musk-owned electric vehicle manufacturer, reported a data breach to the attorney general of Maine after discovering that two former employees had exposed more than 75,000 people’s personal information to a foreign media outlet.
Tesla’s data privacy officer, Steven Elentukh, stated in the notice that the inquiry “revealed that two former Tesla employees misappropriated the information in violation of Tesla’s IT security and data protection policies and shared it with the media outlet.”
This data contains personally identifying information for 75,735 current and past employees, such as names, addresses, phone numbers, employment-related records, and Social Security numbers.
According to Tesla, two former workers gave the information to the German daily Handelsblatt. The outlet promised Tesla that it wouldn’t publish the information and that it was “legally prohibited from using it inappropriately,” according to the warning.
In May, Handelsblatt claimed that Tesla had experienced a “massive” breach that had exposed everything from the personal information of staff to customer complaints about their vehicles.
The “Tesla Files,” or more than 23,000 internal documents with 100 gigabytes of sensitive information, were obtained by the publication. This includes details regarding employees’ financial accounts, trade secrets for manufacturing, and customer complaints about Tesla’s Full Self-Driving (FSD) features.
According to Handelsblatt, the hack also contained Musk’s Social Security number.
Tesla filed litigation against the workers who were allegedly in charge of the data breach, which led to the confiscation of the workers’ electronic equipment. “Tesla also obtained court orders that prohibit the former employees from further use, access, or dissemination of the data, subject to criminal penalties,” the company stated.
After Reuters revealed in April that Tesla employees had shared private photographs captured by customer cars, this occurrence occurred. Employees allegedly shared “invasive” pictures and videos taken by automobile cameras between 2019 and 2022.