Threat Management, Threat Management, Vulnerability Management

Attacker, posing as Tesla employee, gained access to car co.’s Twitter

Attackers were able to compromise Telsa's and co-founder Elon Musk's Twitter feeds over the weekend by calling AT&T customer service and posing as a Tesla employee to convince the phone company to forward calls to a phony number.

The perpetrators then contacted the domain host for teslamotors.com using the phony number to add a bogus email to the admin account, according to a statement that Tesla sent to Forbes. They then reset the password to the admin accounts and rerouted website traffic to an illegitimate website. From there, they gained access to Twitter accounts belonging to the company and Musk where they posted false claims.

Tesla said corporate or customer systems and databases weren't compromised and everything has been "restored to normal." Tesla is known for richly rewarding those who responsibly disclose vulnerabilities in their platform.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.