Former Tesla employees stole data of over 75,000 staff, company says

Over 75,000 current and former employees of car manufacturer Tesla are being notified their personal information was stolen in an insider data breach.

Tesla notified the Maine attorney general’s office Friday of the breach, which occurred on May 10. The same day, according to a copy of a letter sent to victims and filed with the state, the German Handelsblatt media group notified the company that it had learned of the breach and obtained a copy of stolen information.

On investigating, Tesla discovered that two former Tesla employees had “misappropriated the information in violation of the manufacturer’s IT security and data protection policies and shared it with the media outlet.”

The data is described as contact information such as as address, phone number, and/or email address of staff.

The company then sued the former employees, which enabled the seizure of their electronic devices that were believed to have contained the Tesla information. Tesla also got court orders that prohibit the former employees from further use, access, or dissemination of the data, subject to criminal penalties.

The notice to the state of Maine says data of 75,735 people was copied. According to Tesla’s website, it has over 100,000 employees.

Related content: Should management lose their jobs for an insider attack?

Tesla co-operated with law enforcement and external forensics experts, and will continue to take appropriate action. The victims are being offered credit monitoring support.

The notice doesn’t say where the data theft took place, or why a German media firm was given a heads-up by the hackers. The company has offices in the U.S., China, Germany and Australia, and factories in Germany and China.

Related content: Canada issues guide on insider threats

Insider cyber attacks aren’t uncommon, but they aren’t anywhere near the majority of breaches of security controls. Verizon’s annual Data Breach Investigations Report, which has over a decade of data on attacks around the world, suggests an average of 30 per cent of attacks can be traced to insiders.

In the most recent report, 20 per cent of the 5,177 breaches looked at were caused by insiders.

Insiders would include contractors and partners allowed access to an organization’s IT network as well as employees.

Related content: Signs you have an insider problem

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer. Former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including ITBusiness.ca. Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs