Tesla has failed to adequately protect the data of customers, employees and business partners and has received thousands of customer complaints regarding the automaker’s driver assistance systems, This has been reported by the German Handelsblattciting 100 gigabytes of confidential data leaked by a whistleblower.
The Handelsblatt report said customer data could be found “abundantly” in a data set labeled “Tesla Files”.
The files include tables containing more than 100,000 names of former and current employees, including social security numbers for Tesla CEOs, Elon Muskalong with private email addresses, phone numbers, employee salaries, customer bank details and confidential production information, according to Handelsblatt.
The breach would violate the GDPR, the paper said.
The Guardian has not independently verified the documents.
The data protection office in Brandenburg, which is home to Tesla’s European gigafactory, described the data leak as “massive”.
“I don’t remember such a scale,” said Brandenburg’s data protection officer Dagmar Hartge.
If such a violation was proven, Tesla could be fined up to 4% of its annual sales, which could be 3.26 billion euros ($3.5 billion).
Citing the leaked files, the newspaper also reported a large number of customer complaints regarding Tesla’s driver assistance program, with around 4,000 complaints of sudden acceleration or phantom braking.
German union IG Metall said the revelations were “disturbing” and called on Tesla to inform employees of any data protection breach and foster a culture where staff could raise concerns and complaints openly and without fear.
“These revelations … are consistent with the picture we have been getting in just under two years,” said Dirk Schulze, IG Metall’s incoming district manager for Berlin, Brandenburg and Saxony.
Handelsblatt quoted a lawyer for Tesla as saying that a “disgruntled former employee” had abused his access as a service technician, adding that the company would take legal action against the person it suspected of the leak.
The Netherlands’ data protection watchdog said on Friday it was aware of possible breaches of Tesla’s data protection.
“We are aware of the Handelsblatt story and we are looking into it,” said a spokesperson for the AP’s data watchdog in the Netherlands, where Tesla’s European headquarters are located.
The agency declined any comment on whether it may open or has opened an investigation, citing policy. The Dutch agency was informed by its counterpart in the German state of Brandenburg.
Handelsblatt said Tesla notified Dutch authorities of the breach, but the AP spokesman said they were not aware if the company had made any representations to the agency.
Tesla was not available for comment Friday.
Last month, a Reuters report showed that groups of Tesla employees privately shared through an internal messaging system sometimes highly invasive videos and images recorded by customers’ car cameras between 2019 and 2022.
This week, Facebook parent Meta was hit with a record €1.2 billion fine by its top EU privacy regulator over its handling of user data and given five months to stop transferring user data to the US.