Tesla’s cloud account was hacked and used to mine cryptocurrency, according to a security research firm. Hackers gained access to the electric car company’s Amazon Web Services cloud account, where they were able to view “sensitive data” such as vehicle telemetry.
RedLock discovered the hack after it found an IT administrative console that didn't have a password, but the company was unable to determine who initiated the hack or how much cryptocurrency was mined.
RedLock’s researchers say they found Tesla’s unprotected information on a Kubernetes console, a Google-designed system for optimizing cloud applications. The exposure allowed hackers to access Tesla’s cloud environment.
According to Fortune, Tesla paid RedLock over $3,000 as part of its bug bounty program, which rewards people who find vulnerabilities in the company's products or services that could be exploited by hackers.
RedLock said they immediately reported the incident to Tesla, which quickly rectified the situation. A Tesla spokesperson said that no customer data was impacted by the breach.
“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it,” the spokesperson said. “The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”
Amazon Web Services (AWS) is the retailer's cloud storage division, and it has become one of the company's most profitable services. But AWS accounts, along with business and government websites and servers, have become vulnerable to "cryptojacking" schemes in which hackers break into them to mine cryptocurrency, which has become increasingly lucrative in the past year.
According to RedLock, using Tesla’s cloud account to mine cryptocurrency is more valuable than any data stored within. The cybersecurity firm said in a report released Monday that it estimates 58 percent of organizations that use public cloud services, such as AWS, Microsoft Azure, or Google Cloud, have publicly exposed “at least one cloud storage service.” Eight percent have had cryptojacking incidents.
“In particular, organizations’ public cloud environments are ideal targets due to the lack of effective cloud threat defense programs. In the past few months alone, we have uncovered a number of cryptojacking incidents including the one affecting Tesla.”