Mega cybersecurity breaches have left the public and companies feeling vulnerable, and, according to a new report by cloud security firm RedLock, Tesla is one of the latest victims to have its public cloud breached by hackers.
The RedLock CSI team found that hackers infiltrated a public cloud environment owned by the electric car company. The hackers used their access to steal computing time for cryptocurrency mining. RedLock said it informed Tesla, and the car company’s security team has already addressed the vulnerabilities, according to a report being released by RedLock today.
The cloud security trends report evaluates serious threats to public cloud environments. It found that account compromises keep rising. Poor user and API access hygiene, combined with ineffective visibility and user activity monitoring, are causing organizations to be more vulnerable to breaches. For example, 73 percent of organizations allow the root user account to be used to perform activities — behavior that goes against security best practices. Sixteen percent of organizations have user accounts that have potentially been compromised.
A spokesman for Tesla said in an email, “We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”
In many hacks, the goal is to steal data. But now, the thieves also hijack compute…