Hot on the heels of Tesla CEO Elon Musk sending employees an email about possible saboteurs in their midst, it has been revealed that an ex-employee is being sued by the company for allegedly hacking into its systems and leaking company data.
Part of Tesla’s complaint against 40-year-old Martin Tripp, of Sparks, Nevada, reads as follows:
Tesla has only begun to understand the full scope of Tripp’s illegal activity, but he has thus far admitted to writing software that hacked Tesla’s manufacturing operating system (“MOS”) and to transferring several gigabytes of Tesla data to outside entities. This includes dozens of confidential photographs and a video of Tesla’s manufacturing systems.
Beyond the misconduct to which Tripp admitted, he also wrote computer code to periodically export Tesla’s data off its network and into the hands of third parties. His hacking software was operating on three separate computer systems of other individuals at Tesla so that the data would be exported even after he left the company and so that those individuals would be falsely implicated as guilty parties.
Tripp, however, is telling reporters that he is being made a scapegoat by Tesla for whistleblowing about problems inside the company:
“I am being singled out for being a whistleblower. I didn’t hack into system. The data I was collecting was so severe, I had to go to the media.”
It remains to be seen whether Tesla’s claims against Tripp will stand up or not, but one thing I do know. Despite all the attention given by the computer security industry to external hackers, insider threats are one of the most common and dangerous threats to company systems and data.