Personal data may be recovered from used Tesla parts, hacker says, even after factory reset

Hacker who bought used Tesla console units from eBay says personal data, including passwords, call logs and contact information, was still recoverable even after a factory reset complete.

  • Tesla console units retain former owners’ personal information even after reset
  • Hacker said passwords, call logs, contact information and more are accessible
  • The violation appears to be caused by the fact that Tesla’s system does not actually erase information on the hard drive until new information overwrites it.

Tesla’s embedded computer systems may not be as secure as some people think.

According to a cybersecurity researcher who goes through the handle “ in peace ”, hackers could recover a wealth of personal information from old Tesla dashboard systems, even after a complete factory reset.

The discovery was made after ‘greentheonly’ received 13 media control units (MCUs) from the old Teslas, 12 of which were purchased through eBay, and one of which came from a friend.

Tesla multimedia control units retain a large amount of personal information about their previous owners, even after the factory reset, including call logs, contact information, calendar appointments, and passwords for a range of third-party apps, including Spotify and Gmail

Tesla multimedia control units retain a large amount of personal information about their previous owners, even after the factory reset, including call logs, contact information, calendar appointments, and passwords for a range of third-party apps, including Spotify and Gmail

Although each unit has undergone a factory reset to clear all of the previous owner’s personal information, “greentheonly” was able to recover a wide range of passwords, GPS coordinates and more.

Hacker was able to access complete contact lists of previous owners, call logs, calendar information, and account ID and passwords for third-party applications running on the console, including Spotify, Netflix, Gmail, YouTube and more.

READ:   NEW APPS on iPhone and iPad this week

The MCUs also record a screenshot of the car’s location on the built-in GPS each time the car wakes up, and the system keeps a record of the last 50 screenshots, all of which were accessible.

According to “greentheonly”, the information was accessible because Tesla’s systems use SQLite databases.

Due to their nature, encoded SQLite databases do not actually delete information until specific blocks on the hard drive are replaced with new information.

Cybersecurity researcher 'greentheonly' says the problem is caused by Tesla's use of SQLite databases, which do not actually delete information from a hard drive until it is overwritten with new information

Cybersecurity researcher 'greentheonly' says the problem is caused by Tesla's use of SQLite databases, which do not actually delete information from a hard drive until it is overwritten with new information

Cybersecurity researcher ‘greentheonly’ says the problem is caused by Tesla’s use of SQLite databases, which do not actually delete information from a hard drive until it is overwritten with new information

A factory reset causes the Tesla operating system to treat hard drive blocks as free, but the previous information written to it remains there until the system has reason to overwrite it.

In an interview with ArsTechnica, ‘greentheonly’ said that old Tesla console computers were relatively easy to acquire on the used market.

“It appears that some service center employees are selling intact units on the side instead of turning them over (I imagine they are just creating an internal destruction / disposal record),” said “greentheonly.”

“I know people who run salvage yards who say it’s a source of units they have for sale.”

Publicity

Leave a Reply