What is behind the data leak at Tesla









Fri 05/26/23 | From Philip Barnstorf

Customer bank details, employee addresses, internal information on battery production: the data leak at Tesla is massive. How could this happen? And what does that mean for the Tesla factory in Grünheide? Von Philip Barnstorf

Unknowns have the business magazine “Handelsblatt” and authorities leaked more than 100 gigabytes of sensitive data from the electric car manufacturer Tesla. These include customer bank details, employee addresses and salaries, technical data on battery production and customer complaints about the driver assistance system that Tesla builds in many of its cars. “If you take what is available in the Handelsblatt, it is an extremely big leak,” said Brandenburg data protection officer Dagmar Hartge to rbb on Friday. There are indications that more than 100,000 workers in the EU are affected.

How could that happen?

According to the “Handelsblatt” report, Tesla suspects one of its former employees. According to a company spokeswoman, he was annoyed with the company and then passed on the data. So should Tesla have done more to protect its data? “It seems as if the security measures were too lax,” says Frederick Richter of the federal data protection foundation. According to the Handelsblatt, more employees had access to the sensitive data than would have been necessary for their work.

Why were there probably not enough IT security precautions?

That could be due to Tesla’s radical drive to innovate and grow. On the one hand, this has brought the company far. Tesla, for example, continues to set standards with the digital networking of its cars and has forced other manufacturers to invest more in e-mobility. Tesla has grown rapidly over the past few years, increasing its sales year after year. Apparently, the infrastructure for IT security has not grown at the same pace. Tesla’s construction activity in Grünheide also suggests that some areas at Tesla are not yet working properly. Companies built individual parts of the plant several times without permission because there was confusion between the responsibilities internally. Tesla’s personnel policy could also have contributed to the fact that sustainable and reliable structures have not yet been created in some areas. Another reason could lie in Tesla’s internal organization. Despite its size, the company is still more like a startup tailored to its boss. “Elon Musk decides for the whole company,” says Stefan Bratzel, Professor at the Center for Automotive Management in Bergisch Gladbach. This makes the group very flexible, but “if Musk overlooks something, it will be overlooked. Then there is little contradiction.”

What does the data leak mean for the Grünheider factory?

If the suspicion is confirmed that Tesla’s internal IT security precautions are not sufficient, the company must also make improvements in Grünheide. “Tesla must also inform all customers and employees whose data has been passed on,” says Frederick Richter of the Data Protection Foundation. This should affect employees and possibly also customers from Brandenburg.

The incident will probably hardly have any economic consequences for Grünheide. Tesla’s stock market value has fallen in recent months, but the company is still by far the most valuable electric car producer in the world. In addition, Tesla increases its sales figures from year to year. And finally: “Tesla makes very good money with its cars. Other manufacturers have yet to do that with their electric car divisions,” says automotive expert Bratzel. However, according to the “Handelsblatt”, the leaked documents also contain 7,900 customer complaints about the Tesla driving assistant. It causes accidents by braking or accelerating for no reason. The number seems low given the 2.6 million cars sold with driving assistants. Nevertheless, it turns out that Teslas, contrary to Elon Musk’s frequent promises, are still not able to drive autonomously. That could damage the company’s image and ultimately also affect Grünheide.

What happens next?

Because the leaked data contains information about Tesla employees across Europe, the Brandenburg data protection authority passed the case on to Dutch data protection officers. Tesla has its European headquarters there. Now the Dutch authorities are investigating. Depending on which allegations she can prove, Tesla faces a fine – according to “Handelsblatt” up to 3.26 billion dollars – or a warning. The data protection officers can also issue a ban. A decision is likely to be a long time coming. “With the amount of data, it can take years and also depends on the extent to which Tesla cooperates,” says Brandenburg’s data protection officer Dagmar Hartge. Her authority wants to work closely with her Dutch colleagues, “because this is a very important case for us.” Show: rbb24, 05/26/2023, 6:00 p.m