2 min read

Tesla Data Leak: Pre-Owned Vehicle Infotainment Components Store Owners" Personal Details and Passwords

Alina BÎZGĂ

May 05, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Tesla Data Leak: Pre-Owned Vehicle Infotainment Components Store Owners" Personal Details and Passwords

According to white hat hacker GreenTheOnly, Tesla forgot to wipe personal information of customers from previously used infotainment and Autopilot hardware.The discovery came about after Green found and purchased four pre-owned Tesla components from Ebay.

“Bad news Sunday. If you had infotainment computer in your Tesla replaced (model3 FSD upgrade, mcu2 retrofit, mcu1 emmc fix or any other fixe requiring computer swap) – consider all accounts you logged into from the car compromised and change pwds,” said Green in a Twitter post on May 3.

While normal vehicle infotainment systems can store phone numbers, audio media and addresses, Tesla components also enable access to video- and audio-streaming platforms such as Netflix and Spotify.

You can also check if your private data has been exposed online! Use Bitdefender”s Digital Identity Protection tool to see where you stand at the moment and what the internet knows about you.

In some of the systems, the researcher found Netflix session cookies that could be used to gain access to the owner”s account, while others included stored Gmail cookies, WiFi passwords and Spotify passwords in plain text.

“In particular if you log into spotify – the password is stored in plain text. gmail and netflix are stored as a cookie but still give a potential attacker access. The of course all recent calendar events and your phone book and calls history too,” Green added.

The company says upgrading a car”s hardware to gain access to new features and upgrades is performed in Tesla service centers, and owners can also request the transfer of their personal data and preferences to the new installations.

While service centers should destroy any pre-owned hardware, or at least wipe existing personal information, it is unclear how the hardware found its way onto the Ebay marketplace.

Green also notified Tesla representatives of his findings.However, the company failed to notify affected customers, and has yet to release an official statement.

Tesla owners that wish to sell their vehicles are advised to manually wipe the data from their infotainment systems, and should they opt for upgrading their car with new fittings, they should make sure that the service center properly disposes of the hardware and deleted any existing information.

tags


Author



Right now

Top posts

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read
Why and how to hide your IP address while traveling

Why and how to hide your IP address while traveling

April 13, 2022

2 min read
How Bitdefender Can Help Restore Your Privacy in the Digital Age

How Bitdefender Can Help Restore Your Privacy in the Digital Age

April 04, 2022

3 min read
How Strong is VPN Encryption?

How Strong is VPN Encryption?

February 28, 2022

3 min read
Top Three Ways Internet Users Unknowingly Help Cybercriminals

Top Three Ways Internet Users Unknowingly Help Cybercriminals

February 25, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

What is a credit freeze and when should you use it? What is a credit freeze and when should you use it?
Alina BÎZGĂ

May 17, 2022

2 min read
Are you a victim of identity theft? Five common signs that cybercrooks are using your identity Are you a victim of identity theft? Five common signs that cybercrooks are using your identity
Alina BÎZGĂ

May 17, 2022

2 min read
What you need to know about identity theft What you need to know about identity theft
Alina BÎZGĂ

May 17, 2022

2 min read