Tesla hacking highlights needs for greater cloud security

The news that electric car manufacturer Tesla’s Amazon account was hacked to mine cryptocurrencies comes as a timely reminder that data breaches can hit even the big end of town.

Reports suggest the company was targeted by several unknown hackers who cryptojacked the account to generate virtual currencies on Tesla’s computers.

The cryptojacking was picked up RedLock, a cybersecurity startup, who discovered the intrusion whilst trying to uncover which organisation had left credentials for an Amazon Web Services (AWS) account open to the public.

After investigation Redlock found the company was Tesla. RedLock said they discovered Tesla’s credentials on an unsecured IT administrative console that lacked password protection.

Speaking with Fortune, CEO and co-founder of Redlock, Varun Badhwar, said they were not the first people to discover the flaw.

“Clearly, someone else had launched instances that were already mining cryptocurrency in this particular Tesla environment,” Badhwar said.

Badhwar suggested the hack had potentially exposed one of Tesla’s Amazon simple storage servers providing access to Tesla telemetry and vehicle data.

“It didn’t have personally identifiable information, per se,” Badhwar said.

Tesla has been quick to point out no customer data was involved in the breach and the car making giant believes the hack was isolated to data on internally used test cars only.

 

 

 

 

Related Posts

Cec is the managing editor of KBB. She is a multimedia professional with over fifteen years experience as an editor on titles as diverse as SX, CULT, Better Pictures, Total Rock, MTV, fasterlouder, mynikonlife and Fantastic Living. She has spent the past four years working as a news journalist covering all the issues that matter in the political, health and LGBTIQ arena. She is the Head of Content at Pinstripe Media and a recent convert to the world of small business.

LEAVE A REPLY

Please enter your comment!
Please enter your name here