Story image

Tesla takes ex-employee to court for hacking and sharing confidential info

22 Jun 18

Tesla has taken a former employee to court for allegedly hacking company data and handing it over to third parties.

According to court documents filed with the US District Court (District of Nevada) this week, Martin Tripp was hired as a process technician at Tesla’s Nevada Gigafactory in October 2017.

He had access to some of Tesla’s highly sensitive information, including the manufacturing process for battery module manufacturing. He was also required not to disclose or use Tesla’s information beyond his role with tesla.

However, he believed his role as process technician was not enough of a senior role for him. Managers also reported poor job performance and disruption and Tripp was reassigned to another role on May 17, 2018.

Tesla alleges that Tripp took wilful and reckless actions against the company by stealing confidential and trade secret information, and sharing that information with third parties. He also allegedly made false statements to harm the company.

Between June 14-15 Tesla investigators interviewed Tripp. While initially denying misconduct, he then admitted to writing software that hacked Tesla.

“Tesla has only begun to understand the full scope of Tripp’s illegal activity, but he has thus far admitted to writing software that hacked Tesla’s manufacturing operating system (“MOS”) and to transferring several gigabytes of Tesla data to outside entities. This includes dozens of confidential photographs and a video of Tesla’s manufacturing systems,” the court documents say.

Tripp also wrote code that would export data from Tesla’s network to third parties by loading the ‘hacking software’ onto other employees’ computers. The software would continue to export, even after he left the company and falsely implicating the other computer users.

According to the documents, Tripp is accused of:

  • Writing software to hack Tesla’s MOS
  • Divulging confidential and proprietary information in violation of his Proprietary Information Agreement and duties to Tesla
  • Providing third parties with unauthorized access to proprietary information contained in Tesla’s electronic devices and systems
  • Taking and sharing with third parties dozens of photographs of Tesla’s manufacturing systems
  • Taking and sharing with third parties a video of Tesla’s manufacturing systems
  • Falsely modifying Tesla’s proprietary information before sending it to third parties
  • Making false claims to third parties about the information that he wrongly took.

He also tried to recruit other people inside the Gigafactory in order to distribute the confidential information.

Tesla also alleges that Tripp made false statements to the media about the stolen information.

“For example, Tripp claimed that punctured battery cells had been used in certain Model 3 vehicles even though no punctured cells were ever used in vehicles, batteries or otherwise. Tripp also vastly exaggerated the true amount and value of “scrap” material that Tesla generated during the manufacturing process, and falsely claimed that Tesla was delayed in bringing new manufacturing equipment online,” the court documents state.

Tesla says it has already suffered ‘significant and continuing damages’ as a result of Tripp’s misconduct.

“Tesla derives independent economic value from the fact that its confidential, proprietary, and trade secret information is not generally known to the public and not readily ascertainable through proper means. Tesla has taken, and continues to take, reasonable measures to keep that information secret and confidential,” the court documents state.

Tesla is seeking a jury trial with the intent of receiving injunctive relief, compensatory damages (yet to be determined), punitive and exemplary damages, prejudgment interest, legal fees and expenses, and other forms of ‘relief’.

Using blockchain to ensure regulatory compliance
“Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it."
A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.
How to keep network infrastructure secure and available
Two OVH executives have weighed in on how network infrastructure and the challenges in that space will be evolving in the coming year.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.