The hack was brought to Tesla's attention by the cybersecurity startup RedLock’s Cloud Security Intelligence (CSI) team.
The electric vehicle company was reportedly running one of hundreds of open-source systems the CSI team found accessible online without password protection. The exposure allowed hackers to access Tesla’s Amazon cloud environment, RedLock said.
“We weren’t the first to get to it,” Varun Badhwar, CEO and cofounder of RedLock, told Fortune.
“Clearly, someone else had launched instances that were already mining cryptocurrency in this particular Tesla environment.”
According to the source, Tesla paid RedLock over $3,000 as part of its bug bounty program, which rewards people who find vulnerabilities in the company's products or services that could be exploited by hackers.
"We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it," a Tesla spokesperson told Business Insider.
Tesla said it believes the hack was limited to the company's test cars and did not affect any vehicles owned by its customers.