Tesla data breach: New insights from Christie's bug

author: FutureCar Staff    

Last week, new details emerged about the data breach that occurred at American car maker Tesla in May. The breach affected more than 75,000 individuals, and it was revealed that two former Tesla employees were responsible for stealing company data and sharing it with a German news outlet called Handelsblatt. Tesla has filed a lawsuit against the ex-employees, and the devices containing the stolen data have been seized. The stolen documents included private employee data and thousands of customer complaints about potential issues with Tesla cars. This is not the first time Tesla has dealt with an employee exfiltrating company data, as a similar incident occurred in 2018.

Meanwhile, two German cybersecurity researchers have discovered a flaw in the networks of British auction house Christie's. The researchers found that when art sellers from around the world uploaded images of their artwork to Christie's website for appraisal, they unknowingly exposed their location data. Approximately 10% of the uploaded images contained exact GPS coordinates. This security vulnerability was addressed in a joint statement by the US Cybersecurity and Infrastructure Security Agency, the National Security Agency, and the Australian Cyber Security Center. Despite informing Christie's about the vulnerability two months ago, the auction house only implemented a solution last week after being contacted by The Washington Post. Initially, Christie's rejected the researchers' offer of help but eventually took steps to close the vulnerability. While Christie's has not publicly confirmed the researchers' findings, they have stated that they continuously assess their security measures and comply with legal obligations.

FutureCar Staff