Tuesday April 23, 2019
Home Lead Story Researchers E...

Researchers Extract Personal and Encrypted Data from Junked Tesla Cars

According to the report, data stored on Tesla models is not automatically erased when the car is hauled away from an accident site or sold at auction

0
//
tesla
"We are committed to finding and improving upon the right balance between technical vehicle needs and the privacy of customers," the Tesla spokesperson said. Pixabay

 In a shocking revelation, security researchers have extracted personal and unencrypted data — videos, phonebooks, calendar items — of Tesla users from crashed models sold at junkyards and auctions.

According to a CNBC report, a security researcher who goes by the name GreenTheOnly extracted data from the computers in salvaged Tesla Model S, Model X and two Model 3 vehicles.

“The computers on Tesla vehicles keep everything that drivers have voluntarily stored on their cars, plus tons of other information generated by the vehicles, including video, location and navigational data showing exactly what happened leading up to a crash,” the report claimed on Friday, citing researchers.

A Tesla spokesperson told CNBC the company offers options that customers can use to protect personal data stored on their car. “It includes a factory reset option for deleting personal data and restoring customised settings to factory defaults, and a Valet Mode for hiding personal data (among other functions) when giving their keys to a valet,” the spokesperson was quoted as saying.

tesla
According to the report, data stored on Tesla models is not automatically erased when the car is hauled away from an accident site or sold at auction. Pixabay

“We are committed to finding and improving upon the right balance between technical vehicle needs and the privacy of customers,” the Tesla spokesperson said.

According to the report, data stored on Tesla models is not automatically erased when the car is hauled away from an accident site or sold at auction.

GreenTheOnly and his fellow white-hat hacker “Theo” bought a wrecked Model 3 to evaluate the data that remains in the car’s computers after a crash. They extracted records that showed the car’s computers had stored data from at least 17 different devices.

“Mobile phones or tablets had paired to the car around 170 times. The Model 3 held 11 phonebooks’ worth of contact information from drivers or passengers who had paired their devices, and calendar entries with descriptions of planned appointments, and e-mail addresses of those invited,” the report said.

Tesla recently had to give away one of their Model 3 cars and $35,000 prize money to a group of hackers after they cracked its system at a hacking event.

tesla
Tesla recently had to give away one of their Model 3 cars and $35,000 prize money to a group of hackers after they cracked its system at a hacking event. PIxabay

ALSO READ: Japanese Refineries Put Halt on Imports of Iranian Oil as Waiver Nears End

Amat Cama and Richard Zhu of team Fluoroacetate exposed vulnerability in the vehicle system during the Pwn2Own 2019 hacking competition, organised by Trend Micro’s “Zero Day Initiative (ZDI)”, in Vancouver, Canada, this week.

As part of Tesla’s bug bounty programme, the company has paid hundreds of thousands of dollars in rewards to hackers who exposed vulnerabilities in its systems.

The electric car maker was fairly quick to fix vulnerabilities exposed by white hat hackers. (IANS)

Next Story

Group of Hackers Upload Personal Data of US Federal Agents Online

The FBI is yet to speak on the incident

0
cyber attacks, hackers
Representational image. Pixabay

A group of hackers has broken into several FBI-affiliated portals and uploaded the contents online that contained personal information of federal agents and law enforcement officers.

According to a TechCrunch report late Friday, the hackers breached three websites associated with the FBI National Academy Association located at the FBI training academy in Quantico, Virginia.

The hackers “exploited flaws on at least three of the organisation’s chapter websites – which we’re not naming – and downloaded the contents of each web server,” the report said.

The hacker claimed to have “over a million data” on employees across several federal agencies and public service organisations in the US.

They also put the data up for download on their own website.

hacker
The hackers “exploited flaws on at least three of the organisation’s chapter websites – which we’re not naming – and downloaded the contents of each web server,” the report said. Pixabay

“We hacked more than 1,000 sites. Now we are structuring all the data, and soon they will be sold. I think something else will publish from the list of hacked government sites,” a hacker told TechCrunch.

The data contains member names, a mix of personal and government email addresses, job titles, phone numbers and postal addresses.

Also Read- Facebook ‘Plans’ to Bring Chat Back into Main App

The hackers, whose identity is still unknown whether they are an independent group or nation-state actors, used public exploits, indicating that “many of the websites they hit weren’t up-to-date and had outdated plugins”.

The FBI was yet to speak on the incident. (IANS)