Threat actor “IntelBroker” has leaked what they claim is a database tied to Tesla's electric vehicle (EV) charging stations.
The post, shared on the hacking forum BreachForums, suggests that the breach resulted from an attack on a third-party development company responsible for managing Tesla-related data in the Middle East. The leak reportedly includes sensitive information from approximately 116,000 user records, including full names, payment details, and vehicle information.
The threat actor claims that the information includes:
- Full names
- Geographical locations
- Payment details
- Vehicle identification numbers (VINs)
- Car makes and models
IntelBroker stated that the compromised information pertains to users of Tesla-operated EV charging stations in the Middle East, primarily within the UAE. Interestingly, the dataset was made freely available to download rather than being sold, which is a common tactic for the particular hacker.
The threat actor acknowledged that the breach did not directly involve Tesla's systems but stemmed from a vulnerability in a third-party vendor, reportedly linked to Numocity, a company specializing in EV charging solutions and software.
Tesla, a global leader in electric vehicles and renewable energy solutions, operates a network of proprietary EV charging stations known as Superchargers. These stations facilitate rapid charging for Tesla vehicles and have increasingly supported third-party EVs in specific regions.
Numocity is a software company specializing in digital platforms for EV charging and energy management. Based in India, the company provides services that integrate charging station operations, payments, and analytics. If the leaked database is indeed linked to Numocity, it underscores the risks posed by third-party partnerships in handling sensitive user data.
The leaked samples shared by IntelBroker appear to include structured datasets, complete with VIN numbers, charging session timestamps, energy consumption, and payment transactions. These details match the type of data typically collected by EV charging infrastructure to facilitate customer transactions and manage station usage. The inclusion of VINs and user details suggests that the database could be authentic, though this has not yet been independently verified.
Tesla has not commented on the incident despite our attempts to get a confirmation about the data's authenticity.
IntelBroker on a roll
IntelBroker is a well-known figure in cybercrime circles with a history of leaking data from high-profile companies. Most recently, the group claimed responsibility for a breach involving
Ford Motor Company, where sensitive customer data was similarly exposed via a third-party vendor.
While Tesla users in the UAE appear to be the primary victims of this breach, the implications extend beyond the immediate dataset. Exposed personal and payment information can lead to identity theft, financial fraud, or phishing campaigns.
Affected users are recommended to:
- Monitor financial accounts for unauthorized transactions.
- Be cautious of phishing emails or scams referencing Tesla or EV services.
- Consider changing associated account passwords and enabling multi-factor authentication where possible.
