Tuesday, November 5, 2024
HomeCyber Security NewsTesla Employees Shared Sensitive Images of Cameras on Customers‘ Cars

Tesla Employees Shared Sensitive Images of Cameras on Customers‘ Cars

Published on

Malware protection

Reuters reported that between 2019 and 2022, groups of Tesla employees secretly shared via internal messaging system occasionally highly intrusive recordings and photographs captured by consumers’ car cameras.

A notable statement from Tesla Inc. is that it guarantees the millions of owners of electric cars that their privacy “is and will always be enormously important to us.” 

According to a statement on its website, the driving assistance cameras the company installs in cars are “designed from the ground up to protect your privacy.”

- Advertisement - SIEM as a Service

A few of the recordings showed Tesla customers in unpleasant circumstances—a video of a man approaching a vehicle while entirely naked was described by one ex-employee.

Many staff received copies of the photographs, which were made into memes showcasing customers’ dogs and hilarious road signs. In contrast, others showed car crashes and instances of road rage, including one video showing a Tesla hitting a child riding a bike.

Tesla claims its “camera recordings remain anonymous and are not linked to you or your vehicle” in its online “Customer Privacy Notice.” 

However, seven ex-workers revealed that computer software they used at the time might expose the location of recordings, which might indicate a Tesla owner’s residence.

True Objectives of Tesla Cameras

Tesla’s cameras are designed to capture driving events while also enabling autopilot and auto park capabilities by spotting roadside obstacles like street signs and traffic signals.

Also, the company employs hundreds of people to label Tesla-taken images so that the cars’ computers can identify typical obstacles. Employees can access these records as a result.

According to the company’s website, the cameras, known as “Dashcams,” are fixed in cars and only capture video of their surroundings when the vehicle is turned on. 

But, a former employee told Reuters that some recordings appeared to have been made while the car was parked and turned off.

“It was a breach of privacy, to be honest. And I always joked that I would never buy a Tesla after seeing how they treated some of these people,” said one former employee.

David Choffnes, executive director of the Cybersecurity and Privacy Institute at Northeastern University in Boston, called sharing of sensitive videos and images by Tesla employees “morally reprehensible. Any normal human being would be appalled by this.”

Tesla has been under controversy for its work environment, business procedures, and product, including claims that the “Full Self-Driving” and autopilot technologies included in select Tesla models have contributed to accidents and endanger drivers. 

The Justice Department and other agencies are looking into Tesla’s use of the autopilot feature after the firm recalled hundreds of thousands of vehicles earlier this year to upgrade the software. 

Tesla has acknowledged that the auto-driving feature still necessitates ongoing attention from the driver. The “Full Self-Driving” option could get around a California rule prohibiting automakers from marketing their autopilot technology as totally autonomous.

Its sentry mode system, an external camera meant to protect from theft or vandalism, has been the center of disputes claiming it could lead to non-consensual filming.

Sentry mode was the subject of a data protection agency’s investigation in the Netherlands in February. Still, it found that the car owner, not the company, was responsible for recording. It decided not to penalize Tesla after introducing features to warn people about the recording system.

Tesla’s multi-million-strong global fleet of vehicles generates a large amount of data. Before collecting data from customers’ automobiles, the firm requests their consent via the touch screens in their cars. According to Tesla’s website, “You’re Data Belongs to You.”

Because of issues with its cameras, some government compounds and residential areas in China have prohibited Teslas. In response, Musk said in a virtual talk at a Chinese forum in 2021: “If Tesla used cars to spy in China or anywhere, we will get shut down.”

Thus, as the people interviewed by Reuters no longer work at Tesla, it’s unclear if these privacy violations still occur.

Struggling to Apply The Security Patch in Your System? – 

Related Read:

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

ClickFix Exploits GMeet & Zoom Pages to Deliver Sophisticated Malware

A new tactic, "ClickFix," has emerged. It exploits fake Google Meet and Zoom pages...

APT36 Hackers Attacking Windows Deevices With ElizaRAT

APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware...

Hackers Using AV/EDR Bypass Tool From Cybercrime Forums To Bypass Endpoints

Researchers uncovered two previously unknown endpoints with older Cortex XDR agents that used to...

Hackers Created 100+ Fake Web Stores To Steal Millions Of Dollars From Customers

The Phish, 'n' Ships fraud operation leverages, compromised websites to redirect users to fake...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

ClickFix Exploits GMeet & Zoom Pages to Deliver Sophisticated Malware

A new tactic, "ClickFix," has emerged. It exploits fake Google Meet and Zoom pages...

APT36 Hackers Attacking Windows Deevices With ElizaRAT

APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware...

Hackers Using AV/EDR Bypass Tool From Cybercrime Forums To Bypass Endpoints

Researchers uncovered two previously unknown endpoints with older Cortex XDR agents that used to...