Infamous threat actor targets Tesla, gets immediately roasted by cyber pros


Data supposedly belonging to Tesla customers has been leaked by the threat actor IntelBroker. But all isn’t as it seems.

Reports that Tesla’s customer data was leaked by the threat actor IntelBroker have surfaced across X.

IntelBroker is an infamous attacker usually behind high-profile breaches. He is believed to be responsible for hacking Europol’s Platform for Experts (EPE) and for a security breach at DC Health Link, a health insurance company, which exposed 170,000 records and led to a congressional hearing.

IntelBroker leaked data from PandaBuy and HomeDepot, and stole data from General Electric, the US Citizenship and Immigration Services (USCIS), US cellular carriers, and Facebook Marketplace.

The X account, International Cyber Digest, posted a thread about the Tesla leak after an interview with the threat actor.

The thread said that IntelBroker worked through various systems to reach four Azure storage buckets that supposedly held files containing customer data.

There were allegedly 116,000 rows of customer data originating from the Middle East and the United Arab Emirates.

The leaked data allegedly includes:

  • Full names
  • Locations
  • Payment information
  • Vehicle identification numbers (VINs)
  • Car make and model

The Cybernews research team has verified the legitimacy of the data. However, this data most likely doesn’t come directly from Tesla as it includes different car brands, locations, and charging station providers.

“Tesla usually only tracks its own vehicles and stations, so it’s unlikely they are the source,” Cybernews information security researcher Neringa Macijauskaite said.

“The data seems to be from one or more electric vehicle charging networks, management systems, or apps.”

The data also includes different car brands like Peugeot, Audi, Porsche, and Tesla alongside different locations like Dubai, Puerto Rico, and Oman. It seems to have come from different charging station providers.

According to our researchers, the variety of vehicles and locations suggests that the data originates from a multi-operator electric vehicle charging platform or company managing multiple networks. However, the exact source of the leak isn’t clear.

While information like station locations, car models, and tariffs isn’t very sensitive, one dataset included users' emails, which could be exploited by threat actors and used in phishing attacks or other cyber scams.

Updated November 22nd, 2024: According to FalconFeeds on X, the prolific threat actor IntelBroker claims that the "Tesla" leak didn't come from the electric vehicle maker. Instead, it involved the third-party electric vehicle charging company Numocity, which supposedly had access to Tesla's data.