Over 75,000 current and former employees of car manufacturer Tesla are being notified their personal information was stolen in an insider data breach.
Tesla notified the Maine attorney general’s office Friday of the breach, which occurred on May 10. The same day, according to a copy of a letter sent to victims and filed with the state, the German Handelsblatt media group notified the company that it had learned of the breach and obtained a copy of stolen information.
On investigating, Tesla discovered that two former Tesla employees had “misappropriated the information in violation of the manufacturer’s IT security and data protection policies and shared it with the media outlet.”
The data is described as contact information such as as address, phone number, and/or email address of staff.
The company then sued the former employees, which enabled the seizure of their electronic devices that were believed to have contained the Tesla information. Tesla also got court orders that prohibit the former employees from further use, access, or dissemination of the data, subject to criminal penalties.
The notice to the state of Maine says data of 75,735 people was copied. According to Tesla’s website, it has over 100,000 employees.
Tesla co-operated with law enforcement and external forensics experts, and will continue to take appropriate action. The victims are being offered credit monitoring support.
The notice doesn’t say where the data theft took place, or why a German media firm was given a heads-up by the hackers. The company has offices in the U.S., China, Germany and Australia, and factories in Germany and China.
Insider cyber attacks aren’t uncommon, but they aren’t anywhere near the majority of breaches of security controls. Verizon’s annual Data Breach Investigations Report, which has over a decade of data on attacks around the world, suggests an average of 30 per cent of attacks can be traced to insiders.
In the most recent report, 20 per cent of the 5,177 breaches looked at were caused by insiders.
Insiders would include contractors and partners allowed access to an organization’s IT network as well as employees.