Something like this was bound to happen at some point.
Now that Tesla has its fire debacle sorted out and solved, another serious issue is now arising. According to a new report, a corporate security consultant, who also happens to be a Tesla owner, announced at a security conference in Singapore that he found several design flaws in his car’s security system. Nitesh Dhanjani didn’t find any software problems, but he said that "we cannot be protecting our cars the way we protected our (computer) workstations, and failed."
So what flaw did he find then? Apparently, if a Model S’s security password is stolen or even cracked then it’d be entirely possible for someone to gain entry inside the vehicle. They wouldn’t be able to start it up and drive off (a key fob needs to be used for that), but they could easily steal everything inside. Dhanjani also stated it’s not so difficult for owners’ passwords to be compromised. A thief could just guess an owner’s password on the Tesla site, which doesn’t restrict incorrect login attempts. They could also steal the password by hacking into someone’s personal computer. And a stolen password can lead to serious problems.
As soon as a new Model S is ordered, customers setup a six-character password which is used to enter Tesla’s mobile phone app and to gain access to the owner’s online account. The app can be used to unlock the car remotely along with other abilities. "It’s a big issue where a $100,000 car should be relying on a six-character static password," Dhanjani summarized.