A Guy Gets in a Tesla in Ukraine…

A Tesla driver in Ukraine got a “free ride” on Spotify, courtesy of a US Tesla owner whose car was totaled. It was one of the many ways electronic hitchhikers can access your data on so many different kinds of things. This is just the latest story of how our data lives on – and on – when we no longer own (or lease) a car with an infotainment system or Bluetooth, a copier, or a mobile device.

How did a Tesla owner in Ukraine happen to have access to a Spotify account? It happened like this.

An executive news editor at a major TV outlet recently tweeted (or X’d) that a Tesla he had totaled last year was now in southern Ukraine, and the new owner was listening to Drake on his Spotify account. Reporters tracked down what happened to their editor’s car. An online auction site scooped up the Tesla after it was totaled and listed for sale. Someone in Ukraine appears to have won the bid, and the car was shipped from New Jersey to Europe, where its new owner was able to access the editor’s personal Spotify playlists.

The editor contacted Tesla to see how he could log out of his former car, and the company instructed him to disconnect the vehicle from his account. But several steps, such as entering new owner information, were impossible. Experts in data security told reporters that simply disconnecting an account from the car does not prevent your data from being extracted. They said Tesla should have had a feature to “wipe all my info from this car” long ago.

This is far from a Tesla-specific issue. Cars, laptops, smartphones, TVs, and even refrigerators are now internet-connected devices that can store personal data.

In the office, networked copiers are used as printers and scanners and save everything that passes through them. The equipment manufacturers build this in because leases can be based on the number of pages a unit scans, copies or prints. Today’s units also have long service lives after a lease expires. So when you turn back a copier to lease a newer model, the copier company puts it back on the market. Unless you’ve taken specific steps to wipe the data clean, every document run through the copier goes on the market, too.

We must confess we don’t have access to the menus for the service functions that can wipe the data from a unit, and we haven’t found a way into them – yet. So your best resort is to contact your copier company and make sure all your personal data is wiped clean before the machine leaves your premises.

It may take a little searching through the menus for other devices, but you should be able to find the magic button that returns each of them to factory default settings. iPhones are top of mind for this now because the iPhone 15 is hitting the market later this month, and that – along with new phones from other manufacturers – triggers a spree of trade-ins to bring down the price of a new phone. You might also plan to get new computers for your office or your children for the new school year. The same principle applies. Wipe every device clean of all your data.

Along the same lines, wipe them clean if you’re renting a car and using your data on the Bluetooth and infotainment system, including iOS and Android systems that run through the radio. And make sure you log out of your TV subscriptions before checking out of your hotel room or rental home.

If you’re not sure how to wipe a device clean or log out of a subscription, call us – 973-433-6676 – or email us to walk you through the process. We recommend you do this well before you turn in your car or room key so we’re available to help. In the age of internet-connected vehicles and devices, you never know who’s going to get one of them next.

The IT Guy Stumbles, Too

Those of us in the IT field are subject to the same pressures as everyone else, and we can stumble just as easily as anyone when we’re rushing to leave on vacation – or a business trip. Here’s the story of how I almost blew it – and I’m stickin’ to it. Let it serve as a lesson for you.

It was the Friday before we were leaving for our latest (hopefully not last) family vacation (Charlie will be college-age next summer), and I was in a rush to close all our business and personal affairs before leaving the next morning. I got a call on our home landline purporting to be the bank for our main credit card wanting to question charges from Walmart and Malaysian Airlines. With one foot out the door, I wasn’t thinking straight. They said I could have a new card in three or four days, but I said I needed one tomorrow morning because we were leaving for vacation. When the caller said they’d need a supervisor to call me back, I started to think maybe the call wasn’t legit.

This was a prime example of how we get caught. Credit card fraud is a major problem that’s hit just about everyone in the world. A call like that is no surprise. When I took a deep breath, I hung up the phone, went online to my bank, and looked at my account. There were no pending charges from either place. Had I stayed on the phone call, well, I don’t want to think about it.

One problem with phone calls today is that even if you see a symbol, such as a checkmark (√) or a V in parentheses (V), it may be a spoof. It’s easy to spoof any phone number, so don’t believe it is legitimate because you see a symbol. We don’t pay attention to possible pitfalls when we’re rushing to get things done before a vacation or a business trip. We need to take a deep breath and step back before we act. Otherwise, we could come back to empty bank accounts.

One of our clients almost made a similar mistake when they got a text message about an ambulance bill. The client had gone to an urgent care, and doctors there determined they should be taken by ambulance to the emergency room. The text said their insurance carrier had declined the claim, and there was a link they could use to pay the bill. After staring at the text – after almost clicking the link to see what was going on, they looked on their carrier’s website and found no mention of the ambulance ride. The really scary part is how someone knew our client had an ambulance ride from a specific company on a particular date.

If you do make a mistake, you should call your credit company’s or bank’s fraud line and report it immediately. If you can’t get through, go online through your browser and file a report. You can usually block action on your credit card with the click of a button.

If you fear a breach, you can call us – 973-433-6676 – or email us for help. We can start to put the pieces of your puzzle together to see where your system may have been breached through your computer or mobile device and help you rebuild your security system.

Maui: A Warning About Warnings

The tragic fires that hit Maui hit us particularly hard. We have visited the places that were destroyed and mingled with the people there, and we grieve with those who lost loved ones and their homes and businesses. At the same time, Maui exposed holes in how we put together warning systems. The latest and greatest technology can’t do it all.

While everyone is enamored with text messages, it has long been our demand that if you have an emergency, call our office – 973-433-6676. Never send a text; you never know when we’ll be able to see it. If I can’t answer the phone, we have a trained answering service to get your information and determine if I need to be interrupted from whatever I’m doing to call you back. Oh, you should know that our office number is a landline. We find it most reliable, as you’ll see.

In Maui, according to reports I read, they sent text messages, made cell phone calls, sent emails, and made announcements on radio and TV. They never used a proven, low-tech means of warning: sirens. They will work as long as there is power at the sirens’ location. When you send a text or email – or make a cellphone call or broadcast on radio and TV – you never know that the recipients have power and appropriate signal transmission conditions. We just can’t rely on technology all the time.

As we look to learn how to respond better to emergencies, we have to ask the question: Do you have a disaster plan in place? Whatever you believe, we are becoming more prone to weather-related disasters anytime during the year. If a disaster hits anywhere in the country, it could affect you if you have a national base of customers/clients and/or suppliers. You may have employees anywhere in the country and local people who may or may not be able to work at home when a disaster strikes. How will you communicate with all of them?

Here are some basics:

  • Have multiple ways to contact everyone who needs to be notified.
  • Have multiple ways for people to contact you – or a designated person(s) who will coordinate disaster response activities.
  • Have “captains” who can notify groups of customers, suppliers, employees, etc., of the disaster and what each of them needs to do. The “captains” can also be the ones people reach out to for more information.
  • Use blast emails, text messages and even WhatsApp or chat groups to supplement the individual contacts. Don’t overlook any way of reaching people.

In the aftermath of a disaster, you should have a recovery plan in place to replace equipment and devices and restore your data management system.

We can help you set up and update/upgrade the systems you need to communicate disaster information and recover from a disaster. Most of our clients already have some type of plan in place, but as your business changes, your plan should keep pace with those changes. Call us – 973-433-6676 – or email us to review your disaster management plans and make the necessary changes.