A Tesla whistleblower has reportedly leaked 100GB of data relating to customer complaints to a German newspaper. The data protection agency for the Netherlands, where electric vehicle maker’s European headquarters is based, is currently investigating the potential breach. If Tesla is found to be in contravention of GDPR, it could be fined up to €3.26bn.
Along with the complaints themselves, the files reportedly include data on more than 100,000 current and former Tesla employees, as well as private email addresses, phone numbers, salaries, customer bank details and even Tesla CEO Elon Musk’s social security number.
Dutch data regulator looks into possible Tesla data breach
A whistleblower claiming to be from within Tesla has leaked the information to Germany’s Handelsblatt.
A spokesperson for the AP data watchdog in the Netherlands said: “We are aware of the Handelsblatt story and we are looking into it,” but declined to say whether it would launch a full investigation when questioned by reporters.
The complaints were reported across the US, Europe and Asia and are made up of up to 2,400 self-acceleration issues, 1,500 braking problems including 139 reports of “unintentional emergency braking” and 383 reports of “phantom stops” from false collision warnings in Tesla vehicles.
According to Handelsblatt, the company has responded with a lawyer’s letter for Tesla, saying “a disgruntled former employee” had abused his access as a service technician to get information, adding that the company would be taking legal action against the suspected source of the leak.
According to the newspaper, the whistleblower notified the German authorities about a data protection breach in April.
Tesla has not replied to Tech Monitor’s requests for comment at the time of writing. If found guilty of breaching GDPR, Tesla could be fined up to 4% of its revenue, which would amount to €3.26bn. This week another Big Tech company, Meta, received a €1.2bn fine for contravening Europe’s data regulations by transferring data from the EU to the US.
Tesla’s security problems mount
Just last month Tesla was caught up in another scandal where its employees were circulating clips on private messaging boards of invasive videos and images recorded by in-car cameras.
Some of the subjects of the footage are naked, other videos are disturbing, as they show children being knocked over by the cars. Tesla assured its customers at the time that their privacy “is and always will be enormously important to us”.
In June 2018, Tesla filed a lawsuit against a former employee after they made changes to the company’s source code and exported gigabytes of proprietary data to unknown third parties. Musk sent out a company-wide email at the time discussing the “saboteur” in the ranks of Tesla.
Elsewhere in Musk’s empire, cybercriminals from ransomware gang LockBit claimed to have accessed 3,000 plans from his satellite company SpaceX following a raid on one of SpaceX’s suppliers, Maximum Industries, in March.