Questions investors should be asking after Tesla’s recent cyber incident: What would the financial impact have been if it was successful, and how well positioned is the company to minimize the risk?


A Tesla employee prevented an alleged ransomware attack on the company earlier this month, according to an unsealed criminal complaint from the FBI. According to the complaint, the alleged criminal, Egor Igorevich Kriuchkov, attempted to recruit the Tesla employee outside Reno where the “Gigafactory” manufacturing facility is located.

CEO Elon Musk referred to the attack as “serious” on Twitter.



Much of the focus has been on the possible parties and motives behind the attack. But what matters for investors is that Tesla’s operations could have been disrupted and potentially caused significant financial damage. The operational disruption risk is the reason Musk referred to it as a ‘serious attack’. If the attempt was successful, it is possible that the ransomware incident could have adversely impacted production at the Gigafactory.

Tesla has encountered public cyber incidents before. In September last year, we explained some of the operational risks the company faces:

Since its inception, Tesla has operated more like a software company 
than an automobile company. Its’ characteristic ‘speed and agility’ created competitive advantages by enabling the company to roll out innovations much quicker than competitors. But a greater reliance on software has also resulted in greater cyber vulnerabilities that have in turn led to occasional operational flaws in the cars. The theft of sensitive documents from Tesla and other major auto companies (VW, GM, Toyota), disclosed in June 2018, further highlights the significant risks that extend through the supply chain, in this case a third party robotics vendor. The breach of Tesla’s autopilot is a reminder that as a company that relies upon software to operate (and has used its software as the market differentiator), its ability to manage the downside impacts of the same technology is critical to its financial future. Currently, however, Telsa’s investors and customers have no way of knowing how well the company 
is doing in this regard until a breach occurs.

The questions investors should be asking isn’t ‘who was responsible for this attempted hack?’ but how financially damaging would a cyber-related operational disruption be to Tesla and how well prepared is the company to minimize the risk?

A quick look at the impact of recent cyber incidents is a good example why:

Ex-post eventEconomic loss as a % of operating income
ISS World33%
CognizantEst. 9-13% pending earnings
Pitney Bowes14%

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website