Tesla's cloud platform falls victim to cryptocurrency mining attack
Tesla chargers. Smith Collection/Gado via Getty
Tesla confirms that resource-draining thieves installed cryptocurrency mining malware onto the company's cloud platform and even test vehicles. The incident was first reported by researchers at the security firm Red Lock.
What they're saying: In a statement, a Tesla spokesperson said: "We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way."
The details: RedLock, which offers cloud security solutions, first noticed last year that a number of companies using the cloud platform Kubernetes failed to use passwords. Attackers hid cryptocurrency mining programs in those systems. Had they looked through the files in the Tesla cloud — and there is no indication they did — they could have discovered a file storing passwords for another Tesla account with consumer information.