According to a report from CNBC, Teslas, in particular, are packing around a tonne of unencrypted data that can be tapped into with the right knowledge of how to access it, especially when one of its cars is re-sold or totalled. CNBC spoke with two white-hat hackers identified as Theo and GreenTheOnly who purchased a wrecked Model 3 last year and were able to demonstrate the extent to which personal data can be extracted from the car.
CNBC said the researchers were able to pull not only information identifying the Boston-area construction company that owned the car, which was reportedly used by people who worked at the company, but also data that was linked to “at least 17 different devices.” The researchers also pulled videos of two of the Model 3's accidents – including the one that totalled the car – as well as the information of the contacts of passengers and drivers who had paired their phones with it.
As CNBC noted, that such data is accessible to those who know how to find it raises questions about the company’s policies for protecting user data.