Tesla Statement On Recent Website/Twitter Hacking

APR 27 2015 BY JAY COLE 8

Tesla CEO Elon Musk's Twitter Promised Free Cars...For Awhile (@elonmusk)

Tesla CEO Elon Musk’s Twitter Promised Free Cars…For Awhile (@elonmusk)

As many know by now, Tesla’s website, Twitter account (along with the CEO’s Twitter) were all hacked over the weekend.

And while it took the company a solid hour or so to retrieve both its and Elon Musk’s Twitter accounts, it took much longer for the website to be recovered.   Full details on the event can be found here.

It turns out the whole ordeal was apparently because AT&T’s customer support was not so good.

To that we say, “What new?”

Now Tesla has issued a statement on how it all went down.

Tesla's Twitter Under Attack This Weekend (click to enlarge)

Tesla’s Twitter Under Attack This Weekend (click to enlarge)

“This case is under investigation, here’s what we know: Posing as a Tesla employee, somebody called AT&T customer support and had them forward calls to an illegitimate phone number. The impostor then contacted the domain registrar company that hosts teslamotors.com, Network Solutions. Using the forwarded number, the imposter added a bogus email address to the Tesla domain admin account. The impostor then reset the password of the domain admin account, routed most of the website traffic to a spoof website and temporarily gained access to Tesla’s and Elon’s Twitter accounts.

Some customers may have noticed temporary changes to www.teslamotors.com on their browsers or experienced difficulty when using our mobile app to access Model S. Both were due to teslamotors.com being re-routed.

Our corporate network, cars and customer database remained secure throughout the incident. We have restored everything back to normal. We are working with AT&T, Network Solutions, and federal authorities to further investigate and take all necessary actions to make sure this never happens again.”

Categories: Tesla


Leave a Reply

8 Comments on "Tesla Statement On Recent Website/Twitter Hacking"

newest oldest most voted

Shucks. I was going to suggest Byzantine Fault Tolerance but that won’t defend against social engineering of third parties who control your domain.

Network Solutions again demonstrates they are the high cost, low performance leader.

Why do you think Network Solutions is responsible? The Tesla press release as a bit vague (and rightly so), but from what I gather, it was AT&T that didn’t do enough validation before activating the forwarding.
Presumably NS uses callback to the customer’s number to verify phone requests — if they did, they would have gotten the hacker’s # due to the forwarding.

Don’t be so quick to blame AT&T for this. I’m sure it will turn out that a few errors were made by Tesla as well. But they won’t be quick to volunteer those …

I would totally blame AT&T for this. The whole hack as described by Tesla is totally doable and for any other customer of AT&T’s. Sprint MPS customers too for that matter! Unless they’ve improved their security measures in the past decade?

This is social engineering and proves that the weakest link to any security system is the human being on either end.

Did the hack end up with 56 million customer’s data (including credit cards) in the hands of hackers? Like Home Depot?

Or 76 million customers of JP Morgan Chase having their personal information hacked?

Did the hackers collect 1.2 billion username and password combinations, plus 500 million email addresses, like the CyberVor hack?

Did they steal $1 billion from more than 100 Tesla locations in 30 countries, like Carbanak malware/gangs did from Bank ATM’s about a year ago?

no, no, no, and no. This hack was certainly annoying, but we should put it in the correct context.

What will stop hackers from hacking Tesla cars?

What is to stop hackers from hacking any variety of cars from any number of car makers through OnStar, Mercedes mbrace, BMW Assist, Lexus Enform, Ford Sync, etc?

Internet connected cars is quickly becoming more the norm than the exception. If you are that worried about being hacked, you will have to go full Battlestar Galactica and institute a complete network ban.

I see a business opportunity for firewalls and anti-hack software for internet connected vehicles.