Two former employees of Tesla are accused of mishandling employee data and leaking over 75,000 individuals' information to a foreign media outlet. The data breach was announced by the Maine Attorney General's Office, which published an advisory notice on its website. The notice included a copy of the original alert sent out by Tesla, explaining the context of the breach.
Tesla stated that a foreign media outlet named Handelsblatt had informed them on May 10, 2023, that it had obtained confidential information from the company. An investigation revealed that two former employees had misappropriated the information in violation of Tesla's IT security and data protection policies and shared it with the media outlet. However, the outlet has stated that it does not intend to publish the personal information and is legally prohibited from using it inappropriately.
Tesla took immediate legal action against the two employees responsible and arranged for the seizure of their equipment. Lawsuits were filed against them and their electronic devices were seized. The company also obtained court orders prohibiting the former employees from further use, access, or dissemination of the data, subject to criminal penalties. Tesla cooperated with law enforcement and external forensics experts throughout the process.
The security breach compromised Social Security numbers, names, and other personal identifying information. As a response, Tesla is offering credit monitoring and identity detection and resolution services to those affected.
It is important to note that this incident raises concerns about data security and the potential risks associated with mishandling sensitive information. Tesla's swift response in taking legal action and cooperating with authorities demonstrates their commitment to addressing the issue and protecting their customers' data. However, the incident also highlights the ongoing challenges companies face in safeguarding personal information in an increasingly digital world.