Tesla, the electric car giant, has identified two former employees as the culprits behind a significant data breach last May. This breach leaked the personal details of over 75,000 individuals, including Tesla‘s own staff members.

Steven Elentukh, Tesla’s data privacy officer, reportedly revealed in a report to Maine’s attorney general office that the confidential information found its way to the German media outlet Handelsblatt.

This compromised data wasn’t minor; it encompassed “name, address, phone number and social security numbers,” as detailed in Tesla’s August 18 submission. Promptly recognizing the insiders responsible, Tesla took decisive measures.

“At the time, Tesla identified the employees who leaked the data, filed lawsuits against them and seized their devices,” the company announced.

However, this isn’t Tesla’s first brush with data concerns. Earlier in April, Reuters highlighted incidents where Tesla staff members had informally exchanged customer data, including imagery from car cameras.

American companies, once aware of sizeable data breaches, are mandated by law to report them. However, the specifics of this legal requirement differ across states.