Hacker who purchased used Tesla console units from eBay says personal data including passwords, call logs, contact information was still retrievable even after full factory reset
- Tesla console units retain personal information of past owners even after reset
- Hacker said passwords, call logs, contact info and more are accessible
- The breach appears to be caused by the fact that Tesla’s system doesn’t actually erase information on the hard drive until new information overwrites it
Tesla’s onboard computer systems may not be as secure as some think.
According to a cybersecurity researcher who goes by the handle ‘greentheonly,’ hackers could retrieve a wealth of personal information from old Tesla dashboard systems, even after a full factory reset.
The discovery was made after ‘greentheonly’ received 13 media control units (MCU) from old Teslas, 12 of which were purchased through eBay, and one of which came from a friend.
Tesla media control units retain a large store of personal information about their past owners, even after full factory resets, including call logs, contact information, calendar appointments, and passwords for a range of third-party apps, including Spotify and Gmail
Though each unit had gone through a factory reset to wipe all of the previous owner’s personal information, ‘greentheonly’ was able to retrieve a wide range of passwords, GPS coordinates and more.
The hacker was able to access full contact lists from previous owners, call logs, calendar information, and account ID and passwords for the third party apps that run on the console, including Spotify, Netflix, Gmail, YouTube and more.
The MCUs also record a screenshot of the car’s location on the built-in GPS every time the car wakes up, and the system keeps a record of the last 50 screenshots, all of which were accessible.
According to ‘greentheonly,’ the information was accessible because Tesla’s systems use SQLite databases.
Because of how they’re, coded SQLite databases don’t actually delete information until the specific blocks on the hard drive are overwritten with new information.
According to cybersecurity researcher ‘greentheonly,’ the issue is caused by Tesla’s use of SQLite databases, which don’t actually delete information on a hard drive until it’s overwritten by new information
A factory reset causes the Tesla operating system to treat the hard drive blocks as free, but the previous information written on them remains there until the system has some reason to overwrite them.
In an interview with ArsTechnica, ‘greentheonly’ said that old Tesla console computers were relatively easy to acquire on the used market.
‘It looks like some service center employees sell intact units on the side instead of returning them (I imagine they just create a record of destruction/disposal internally),” ‘greentheonly’ said.
‘I know some people running salvage yards that say that’s one source of units they have for sale.’