Tesla Data Breach Impacting 75,000 Employees Blamed on ‘Insider Wrongdoing’

Tesla has started to notify current and former employees after 75,000 confidential files with personal information were included in an insider data breach in May.

The data breach which involved employee-related records at the Austin, Texas-based automaker was a result of “insider wrongdoing,” according to an Aug. 18 notice on the Maine attorney general office’s website.

This included nine residents of the state who happened to be current or former employees of Tesla.

German Newspaper Reports Insider Breach at Tesla

“A foreign media outlet (named Handelsblatt) informed Tesla on May 10, 2023, that it had obtained Tesla confidential information,” according to a letter from Tesla in a letter posted on the website of the Maine attorney general’s office.

Tesla stated in the recent notice that an internal “investigation revealed that two former Tesla employees misappropriated the information in violation of Tesla’s IT security and data protection policies and shared it with the media outlet.”

The letter said that lawsuits have since been filed by the carmaker against the two former employees, without specifying the exact jurisdiction of the case.

Tesla said it had “obtained court orders that prohibit the former employees from further use, access, or dissemination of the data, subject to criminal penalties,” and that it would cooperate with ”law enforcement and external forensics experts and will continue to take appropriate steps as necessary.”

The company added that electronic devices which were believed to have contained the sensitive company information were also seized by authorties.

“These lawsuits resulted in the seizure of the former employees’ electronic devices that were believed to have contained the Tesla information,” the letter continued.

The electric carmaker informed employees that it failed to detect any misuse of personal data and would offer complimentary membership to Experian IdentityWorks’ credit monitoring and identity theft service.

Memberships will be for one or two years, depending on the employee and the specific engagement number on the letter that they receive.

The Epoch Times has reached out to Tesla for comment.

Recent Data Breach Could Spell Trouble for Carmaker

According to the leaked files, Handelsblatt reported that there were almost 4,000 customer complaints regarding the carmaker’s driver assistance systems, especially regarding sudden acceleration or phantom braking.

The news outlet promised Tesla that it would not publish any of the personal information and that it was “legally prohibited from using it inappropriately,” according to the notice.

The German union, IG Metall, called the leaks “disturbing” and demanded that Tesla inform employees about future data protection breaches and allow staff to discuss problems and grievances openly without fear.

“These revelations … fit with the picture that we have gained in just under two years,” Dirk Schulze, IG Metall district manager for Berlin, Brandenburg and Saxony, told Reuters.

Meanwhile, the failure by Tesla to protect the information could be seen as a violation of the European Union’s General Data Protection Regulation, which mandates protection of employee information.

According to CNN, Tesla could be fined up to 4 percent of its annual sales, which could be $3.55 billion, said the AP data watchdog in the Netherlands, where Tesla’s European headquarters is located

Meta was hit with a record $1.3 billion fine in May by the top European Union privacy regulator over its handling of user information and was ordered to stop transferring user data to the United States within five months.

In April, Reuters reported that several Tesla employees had privately shared some highly sensitive videos and images recorded by internal car cameras, between 2019 and 2022, via an internal messaging system.

Reuters contributed to this report.