a Tesla cloud account that contained sensitive data , including telemetry data from the company ’ s electric cars , according to a report by security company RedLock . Details about Tesla cloud account breachAttack.Databreachwhere included in RedLock report as an example of the cyber-security threats face enterprises that store sensitive data and run important business applications on cloud services . RedLock ’ s Cloud Security Intelligence team found that the Tesla breachAttack.Databreachresulted from the exposureAttack.Databreachof Amazon Web Services security credentials after hackers penetratedAttack.DatabreachTesla ’ s Kubernetes console , which was not password protected This led to the exposureAttack.Databreachof the company ’ s Amazon S3 cloud account , which contained sensitive data including the Tesla vehicle telemetry . What was most remarkable about the CSI report was that the problems that affect on premises infrastructure are the same ones that affect cloud infrastructure . The difference is that most organizations have learned over the years to provide at least some level of protection for their on premises infrastructure and assets . Unfortunately , it appears that the same isn ’ t true of their cloud resources . Part of the problem , it appears , comes from a lack of familiarity with managing cloud services . But security for those services does exist is readily available . Amazon , for example regularly sends out emails to AWS users explaining what security measures , products and services are available for its cloud environments . Unlike private , on-premises environments , the public cloud is just that—public . That means it can be accessed by anyone , including an attacker that possesses the credentials that can enable access from anywhere . What that means is that access security is even more important , because you have no means of preventing a criminal from trying to gain access . But it also means that monitoring your cloud environment is just as important as your on premises physical environment . Monitoring at least provides a way to find an attacker that ’ s gotten past your access controls . The CSI team also recommends a “ deny all ” setting on your firewall for outbound cloud traffic , and setting your cloud so that configuration changes are automatically reported . The key here is to remember that while the cloud provider can play a role in helping ensure your cloud is secure , they can ’ t do it alone . It ’ s your part of the cloud , your data , and you ’ re paying for those computing assets . It ’ s your job to make sure they ’ re secure .