31 Mar 2019
Salvaged Tesla cars found holding owner information, videos
Tesla has a knack for adding cutting-edge technologies into its cars. But now, a few researchers are raising alarms over the EV manufacturer's data collection/handling practices.
Essentially, two white-hat hackers recently analyzed four salvaged Tesla cars and found they all had a lot of information about their owners, including videos and location data, in an unencrypted format.
Here are the details of their discovery.
Junked Tesla Model 3 had personal driver information
Speaking to CNBC, white hat hackers 'GreenTheOnly' and 'Theo' revealed just how much information they discovered from a Model 3 that had been junked after being involved in a crash.
The vehicle's system/components had collected information from 17 devices that had paired with the car about 170 times.
It had 11 phonebooks' worth of contacts, calendar entries with appointment details and emails of drivers/passengers.
Plus, they unearthed videos and navigational data
Along with the core data, the duo was able to determine that the car was used by the employees of a Boston-based construction company.
They even managed to fetch the call-logs of the drivers and the last 73 locations, including residential areas, they had visited.
The data also included unencrypted videos of two crashes the car was involved in, with exact time, date, and location.
Still, this raises serious privacy concerns
While regular cars are known to collect basic data like contact information, the findings associated with Tesla show a different case.
Specifically, the information fed by the driver/passenger and generated by the vehicle's camera and navigational systems is way more here.
Plus, the fact that anyone who gets hold of the vehicle (after it's salvaged) can extract unencrypted information makes the case even worse.
However, Tesla emphasized on continued focus on customer privacy
A Tesla spokesperson told CNBC that the company remains committed to maintaining customer privacy.
They said the cars already offer options to protect data, including a "factory reset option for deleting personal data and restoring customized settings to factory defaults, and a Valet Mode for hiding personal data (among other functions) when giving their keys to a valet."
Similar data unearthed from three other salvaged Tesla cars
The hackers claimed the same kind of data was also found in three other salvaged Tesla cars, including a Model 3, Model X, and Model S. To note, the vehicles had these systems for enhanced capabilities, like cameras for sentry mode and automated wipers.
Employees from Tesla-associated automotive auction company backed the claim
An unnamed employee from Manheim, the auction company Tesla uses for inspection, reconditioning, and reselling of old cars, backed the claims made by the researchers, noting that they didn't wipe cars' software clean before selling them again.