Massive data breach exposes trade secrets from Tesla, Toyota, and others

Ford Edge ST
Ronan Glon/Digital Trends

Car companies wondering how Toyota builds a Corolla might have just missed a golden opportunity, as some of the automotive industry’s best-kept secrets were out in the open for an undetermined amount of time. Security researcher Chris Vickery discovered an immense data breach that affected numerous carmakers including Tesla, Toyota, Ford, and Volkswagen.

Vickery told the New York Times he found nearly 47,000 sensitive documents posted on the internet like a mac-and-cheese recipe on a cooking blog. The 157-gigabyte batch included corporate documents such as detailed blueprints and factory schematics, client material like invoices, contracts, and work plans, plus nondisclosure agreements (NDA). Automakers normally go to great lengths to keep this type of data confidential and out of the public eye because outing trade secrets risks giving competitors an unfair advantage.

Recommended Videos

“That was a big red flag. If you see NDAs, you know right away that you’ve found something that’s not supposed to be publicly available,” Vickery explained.

The roughly 100 companies affected by the leak all had one common point: They were in contact with a Canadian firm named Level One Robotics and Controls that specializes in designing automation processes for automakers and industry suppliers. Vickery found the data on one of Level One’s backup servers. There was no hacking required; the server wasn’t password-protected so anyone who found its location could access the documents stored on it. Level One boss Milan Gasko told the New York Times it’s “extremely unlikely” someone other than Vickery found the server and viewed the data but he declined to comment on whether the company can detect an unauthorized person accessing its files.

Vickery added the leaked documents also included personal information about a handful of Level One employees, including driver’s licenses and passports that the company scanned. Customer data wasn’t part of the breach, so motorists who bought a Toyota, a Tesla, or a Volkswagen have nothing to worry about. Officials from the car companies affected by the breach refused to comment on the matter.

Level One took down the information as soon as it heard about the breach from Vickery. “Level One takes these allegations very seriously and is diligently working to conduct a full investigation of the nature, extent, and ramifications of this alleged data exposure,” Masko added.

Editors' Recommendations

Ronan Glon is an American automotive and tech journalist based in southern France. As a long-time contributor to Digital…
Tesla receives massive Model 3 order from car-rental giant Hertz

Tesla’s market value increased beyond $1 trillion on Monday after Hertz announced "an initial order" of 100,000 vehicles from the automaker.

Hertz has ordered the Tesla Model 3, which starts at around $40,000 and is the automaker’s best-priced vehicle among its current range of electric vehicles (EVs).

Read more
Elon Musk: Tesla Will Open up Superchargers to Other EVs

After years of talking about it, Tesla CEO Elon Musk this week confirmed that the electric-car company will start to open up its network of Superchargers to other vehicles “later this year.”

Musk revealed the news on Tuesday, July 21, in response to a tweet about the company’s technology for rapid charging.

Read more
Watch this Tesla drive from SF to LA with almost no intervention

A Tesla enthusiast has posted a video showing a Model 3 Performance vehicle traveling from San Francisco to Los Angeles, California in Full Self-Driving (FSD) beta mode, with almost no human intervention necessary during the entire trip.

The video (above), spotted by Teslarati, has been sped up to compress the 380-mile journey int0 15 minutes of footage, though it’s still easy to see the vehicle’s driving decisions play out on its touchscreen display.

Read more