"TeslaMate is an open-source data logger that allows Tesla owners to self-host and visualize their vehicle's data from their own computers, such as their vehicle's temperature, battery health, and charging sessions, but also more sensitive information, like vehicle speed and the location data of recent trips. In a blog post, Kiliç said he scanned the internet for public-facing TeslaMate dashboards and scraped the vehicle's last-seen location and Tesla model names, and visualized the vehicles on a map to show their locations."
"A security researcher has found over a thousand publicly exposed hobby servers run by Tesla vehicle owners that are spilling sensitive data about their vehicles, including their granular location histories. Seyfullah Kiliç, founder of cybersecurity company SwordSec, said he found over 1,300 internet-exposed TeslaMate dashboards on the internet, likely made public by mistake, allowing anyone to access the person's Tesla data stored inside without needing a password."
More than 1,300 internet-exposed TeslaMate dashboards allow unauthenticated access to self-hosted Tesla data, including granular location histories, vehicle speed, charging sessions, battery health, and cabin temperature. Scans collected last-seen locations and vehicle model names and mapped the vehicles' positions. Many exposed servers appear to be public by mistake, lacking basic authentication or firewall rules. The count of exposed TeslaMate instances has risen significantly since 2022, increasing the risk of privacy breaches and potential physical security concerns for vehicle owners.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]