A security researcher has found over a thousand publicly exposed hobby servers run by Tesla vehicle owners that are spilling sensitive data about their vehicles, including their granular location histories.

Seyfullah Kiliç, founder of cybersecurity company SwordSec, said he found over 1,300 internet-exposed TeslaMate dashboards on the internet, likely made public by mistake, allowing anyone to access the person’s Tesla data stored inside without needing a password.

TeslaMate is an open-source data logger that allows Tesla owners to self-host and visualize their vehicle’s data from their own computers, such as their vehicle’s temperature, battery health, and charging sessions, but also more sensitive information, like vehicle speed and the location data of recent trips.

In a blog post

See Full Page