Introduction

A Tesla Model X that was totaled in the U.S. resurfaced online in Ukraine, months after its former owner received unexpected notifications on his phone. The new owners in Ukraine were even able to access the previous owner’s Spotify app. This raised concerns about security risks associated with restored totaled cars.

According to the CTO of automotive security firm Canis Labs, there is indeed a security risk with restored totaled cars. The credentials to internet services are often left in the vehicle electronics, allowing anyone who gets hold of the electronics to use them. This is not limited to Tesla cars, as internet-connected devices like cars, laptops, smartphones, refrigerators, and TVs can store personal data.

Dealers and owners need to be aware of the potential privacy issues with their vehicles.

The Tesla Model X ended up in Ukraine after being listed for sale on an online auction site called Copart. Copart specializes in damaged or totaled vehicles with salvage titles, which can legally be sold overseas. This practice of selling totaled vehicles to salvage auctions and then shipping them overseas has been happening for decades and has become more prevalent with the rise of digital auctions.

Tesla support staff advised the former owner to disconnect the car from his account to prevent further access to connected apps. However, even after disconnecting, data can still be extracted from the car’s electronics. Experts recommend being cautious with personal information shared with vehicles, purging data after use, and avoiding unnecessary data sharing.

Automotive cybersecurity experts suggest that car manufacturers should have features like remote wipe and account disconnection to enhance security and protect user data.

Introduction

A Tesla Model X that was totaled in the U.S. resurfaced online in Ukraine, months after its former owner received unexpected notifications on his phone. The new owners in Ukraine were even able to access the previous owner’s Spotify app. This raised concerns about security risks associated with restored totaled cars.

According to the CTO of automotive security firm Canis Labs, there is indeed a security risk with restored totaled cars. The credentials to internet services are often left in the vehicle electronics, allowing anyone who gets hold of the electronics to use them. This is not limited to Tesla cars, as internet-connected devices like cars, laptops, smartphones, refrigerators, and TVs can store personal data.

Dealers and owners need to be aware of the potential privacy issues with their vehicles.

The Tesla Model X ended up in Ukraine after being listed for sale on an online auction site called Copart. Copart specializes in damaged or totaled vehicles with salvage titles, which can legally be sold overseas. This practice of selling totaled vehicles to salvage auctions and then shipping them overseas has been happening for decades and has become more prevalent with the rise of digital auctions.

Tesla support staff advised the former owner to disconnect the car from his account to prevent further access to connected apps. However, even after disconnecting, data can still be extracted from the car’s electronics. Experts recommend being cautious with personal information shared with vehicles, purging data after use, and avoiding unnecessary data sharing.

Automotive cybersecurity experts suggest that car manufacturers should have features like remote wipe and account disconnection to enhance security and protect user data.

Introduction

A Tesla Model X that was totaled in the U.S. resurfaced online in Ukraine, months after its former owner received unexpected notifications on his phone. The new owners in Ukraine were even able to access the previous owner’s Spotify app. This raised concerns about security risks associated with restored totaled cars.

According to the CTO of automotive security firm Canis Labs, there is indeed a security risk with restored totaled cars. The credentials to internet services are often left in the vehicle electronics, allowing anyone who gets hold of the electronics to use them. This is not limited to Tesla cars, as internet-connected devices like cars, laptops, smartphones, refrigerators, and TVs can store personal data.

Dealers and owners need to be aware of the potential privacy issues with their vehicles.

The Tesla Model X ended up in Ukraine after being listed for sale on an online auction site called Copart. Copart specializes in damaged or totaled vehicles with salvage titles, which can legally be sold overseas. This practice of selling totaled vehicles to salvage auctions and then shipping them overseas has been happening for decades and has become more prevalent with the rise of digital auctions.

Tesla support staff advised the former owner to disconnect the car from his account to prevent further access to connected apps. However, even after disconnecting, data can still be extracted from the car’s electronics. Experts recommend being cautious with personal information shared with vehicles, purging data after use, and avoiding unnecessary data sharing.

Automotive cybersecurity experts suggest that car manufacturers should have features like remote wipe and account disconnection to enhance security and protect user data.

Introduction

A Tesla Model X that was totaled in the U.S. resurfaced online in Ukraine, months after its former owner received unexpected notifications on his phone. The new owners in Ukraine were even able to access the previous owner’s Spotify app. This raised concerns about security risks associated with restored totaled cars.

According to the CTO of automotive security firm Canis Labs, there is indeed a security risk with restored totaled cars. The credentials to internet services are often left in the vehicle electronics, allowing anyone who gets hold of the electronics to use them. This is not limited to Tesla cars, as internet-connected devices like cars, laptops, smartphones, refrigerators, and TVs can store personal data.

Dealers and owners need to be aware of the potential privacy issues with their vehicles.

The Tesla Model X ended up in Ukraine after being listed for sale on an online auction site called Copart. Copart specializes in damaged or totaled vehicles with salvage titles, which can legally be sold overseas. This practice of selling totaled vehicles to salvage auctions and then shipping them overseas has been happening for decades and has become more prevalent with the rise of digital auctions.

Tesla support staff advised the former owner to disconnect the car from his account to prevent further access to connected apps. However, even after disconnecting, data can still be extracted from the car’s electronics. Experts recommend being cautious with personal information shared with vehicles, purging data after use, and avoiding unnecessary data sharing.

Automotive cybersecurity experts suggest that car manufacturers should have features like remote wipe and account disconnection to enhance security and protect user data.

Introduction

A Tesla Model X that was totaled in the U.S. resurfaced online in Ukraine, months after its former owner received unexpected notifications on his phone. The new owners in Ukraine were even able to access the previous owner’s Spotify app. This raised concerns about security risks associated with restored totaled cars.

According to the CTO of automotive security firm Canis Labs, there is indeed a security risk with restored totaled cars. The credentials to internet services are often left in the vehicle electronics, allowing anyone who gets hold of the electronics to use them. This is not limited to Tesla cars, as internet-connected devices like cars, laptops, smartphones, refrigerators, and TVs can store personal data.

Dealers and owners need to be aware of the potential privacy issues with their vehicles.

The Tesla Model X ended up in Ukraine after being listed for sale on an online auction site called Copart. Copart specializes in damaged or totaled vehicles with salvage titles, which can legally be sold overseas. This practice of selling totaled vehicles to salvage auctions and then shipping them overseas has been happening for decades and has become more prevalent with the rise of digital auctions.

Tesla support staff advised the former owner to disconnect the car from his account to prevent further access to connected apps. However, even after disconnecting, data can still be extracted from the car’s electronics. Experts recommend being cautious with personal information shared with vehicles, purging data after use, and avoiding unnecessary data sharing.

Automotive cybersecurity experts suggest that car manufacturers should have features like remote wipe and account disconnection to enhance security and protect user data.

Introduction

A Tesla Model X that was totaled in the U.S. resurfaced online in Ukraine, months after its former owner received unexpected notifications on his phone. The new owners in Ukraine were even able to access the previous owner’s Spotify app. This raised concerns about security risks associated with restored totaled cars.

According to the CTO of automotive security firm Canis Labs, there is indeed a security risk with restored totaled cars. The credentials to internet services are often left in the vehicle electronics, allowing anyone who gets hold of the electronics to use them. This is not limited to Tesla cars, as internet-connected devices like cars, laptops, smartphones, refrigerators, and TVs can store personal data.

Dealers and owners need to be aware of the potential privacy issues with their vehicles.

The Tesla Model X ended up in Ukraine after being listed for sale on an online auction site called Copart. Copart specializes in damaged or totaled vehicles with salvage titles, which can legally be sold overseas. This practice of selling totaled vehicles to salvage auctions and then shipping them overseas has been happening for decades and has become more prevalent with the rise of digital auctions.

Tesla support staff advised the former owner to disconnect the car from his account to prevent further access to connected apps. However, even after disconnecting, data can still be extracted from the car’s electronics. Experts recommend being cautious with personal information shared with vehicles, purging data after use, and avoiding unnecessary data sharing.

Automotive cybersecurity experts suggest that car manufacturers should have features like remote wipe and account disconnection to enhance security and protect user data.

Introduction

A Tesla Model X that was totaled in the U.S. resurfaced online in Ukraine, months after its former owner received unexpected notifications on his phone. The new owners in Ukraine were even able to access the previous owner’s Spotify app. This raised concerns about security risks associated with restored totaled cars.

According to the CTO of automotive security firm Canis Labs, there is indeed a security risk with restored totaled cars. The credentials to internet services are often left in the vehicle electronics, allowing anyone who gets hold of the electronics to use them. This is not limited to Tesla cars, as internet-connected devices like cars, laptops, smartphones, refrigerators, and TVs can store personal data.

Dealers and owners need to be aware of the potential privacy issues with their vehicles.

The Tesla Model X ended up in Ukraine after being listed for sale on an online auction site called Copart. Copart specializes in damaged or totaled vehicles with salvage titles, which can legally be sold overseas. This practice of selling totaled vehicles to salvage auctions and then shipping them overseas has been happening for decades and has become more prevalent with the rise of digital auctions.

Tesla support staff advised the former owner to disconnect the car from his account to prevent further access to connected apps. However, even after disconnecting, data can still be extracted from the car’s electronics. Experts recommend being cautious with personal information shared with vehicles, purging data after use, and avoiding unnecessary data sharing.

Automotive cybersecurity experts suggest that car manufacturers should have features like remote wipe and account disconnection to enhance security and protect user data.

Introduction

A Tesla Model X that was totaled in the U.S. resurfaced online in Ukraine, months after its former owner received unexpected notifications on his phone. The new owners in Ukraine were even able to access the previous owner’s Spotify app. This raised concerns about security risks associated with restored totaled cars.

According to the CTO of automotive security firm Canis Labs, there is indeed a security risk with restored totaled cars. The credentials to internet services are often left in the vehicle electronics, allowing anyone who gets hold of the electronics to use them. This is not limited to Tesla cars, as internet-connected devices like cars, laptops, smartphones, refrigerators, and TVs can store personal data.

Dealers and owners need to be aware of the potential privacy issues with their vehicles.

The Tesla Model X ended up in Ukraine after being listed for sale on an online auction site called Copart. Copart specializes in damaged or totaled vehicles with salvage titles, which can legally be sold overseas. This practice of selling totaled vehicles to salvage auctions and then shipping them overseas has been happening for decades and has become more prevalent with the rise of digital auctions.

Tesla support staff advised the former owner to disconnect the car from his account to prevent further access to connected apps. However, even after disconnecting, data can still be extracted from the car’s electronics. Experts recommend being cautious with personal information shared with vehicles, purging data after use, and avoiding unnecessary data sharing.

Automotive cybersecurity experts suggest that car manufacturers should have features like remote wipe and account disconnection to enhance security and protect user data.