A hacker found Spotify passwords, Gmail & Netflix session cookies, etc. on Tesla car parts sold on the e-commerce giant.
Protecting customer data should be the first and foremost priority of any and every vendor. However, high-profile companies have a bigger responsibility in this regard as their customer base is far wider and trust level exceedingly higher among the masses. This doesn’t seem like the case with electric vehicle manufacturer Tesla, Inc., according to the findings of an ethical hacker GreenTheOnly.
It started when Green discovered discarded infotainment components available for sale on eBay, which is nothing out of the ordinary. But, what makes this rather concerning is that Tesla didn’t delete the stored user data from the components.
See: FBI’s Surveillance Van Sold on eBay for US $18,700
For your information, a vehicle’s infotainment system stores information about the audio media, addresses, and phone numbers. But Tesla’s infotainment systems are quite advanced as these offer additional services like Netflix and Spotify connection.
This reminds us of a recent incident in which a German military laptop was sold on eBay for just €90 inclusive of the shipping cost. Purchased by a cybersecurity firm named G Data; it turned out that the laptop contained secret documents including military secrets.
As for Tesla, to dig deep, Green bought four MCUs (media control units) from the company via eBay and identified that the devices contained personal data of its previous user, and it wasn’t protected at all ..
Support the originator by clicking the read the rest link below.
