Tesla infotainment sensitive data sold on eBay along with Tesla parts

Tesla infotainment data surprisingly sold on eBay along with Tesla parts

A set of Tesla infotainment data surprisingly sold on eBay. The users’ sensitive details came along a purchase of Tesla parts.

A researcher surprisingly discovered something unusual packed with the Tesla parts he purchased over eBay. He found that his acquired media control units (MCU) contained sensitive information from the electric vehicle company.

The researcher who uses the Twitter handler greentheonly revealed that he was able to access the information on the 13 MCUs he acquired. He suspects that the units were taken out from refurbished or repaired electric vehicles.

Based on the history trace, the 13 units had one last location in common. The MCUs all came from a Tesla service center before being retired for selling.

greentheonly believes that they were all removed by an authorized Tesla service center technician. His findings also proved that all the 13 units missed the standard operating procedure in proper disposal of sensitive data.

Tesla normally removes MCU

It is a normal practice for a Tesla service center technician to remove MCUs. It usually happens during repairs.

Another reason for media control unit removal is improving the autopilot. During the said process, the authorized technician takes out the MCU to give way to a more advanced device model.

However, there should be a proper way of disposing of the units’ sensitive contents. Tesla requires all removed MCUs to be sent back to the company.

Damaged units, on the other hand, are expected to be crashed. They should be hammered down to make sure that no sensitive data will be recovered before the unit gets disposed of.

In this case, the discovering researcher believes that there is some personnel in the service center who violated the rule. Instead of returning the units to the company, they sold the intact units containing sensitive information.

The researcher even suspects that the said employees just created an internal disposal or destruction report. He pointed out that there are salvage yards selling stuff like that.

greentheonly revealed that not all the 13 MCUs he acquired came from eBay. He said that he got the 12 from the online store and one he got from a friend. However, all of them were loaded with confidential information.

Inside the media control unit

Some of the MCU contents were phonebooks, hundreds of call log entries, home, and work locations. The researcher even discovered readable Wi-Fi and Spotify passwords. The units were loaded with Gmail accounts, YouTube, and Netflix session cookies. A list of recent calendar entries was in the units as well.

Tesla’s reaction

Tesla did not give any reaction to the incident yet. The company representative also has not responded to the email question on the company’s disposal policy.

Image courtesy of Bit Boy/Flickr

Micky is a news site and does not provide trading, investing, or other financial advice. By using this website, you affirm that you have read and agree to abide by our Terms and Conditions.
Micky readers - you can get a 10% discount on trading fees on FTX and Binance when you sign up using the links above.