• Discounts and special offers
  • Subscriber-only articles and interviews
  • Breaking news and trending topics

Already a subscriber?

By signing up, you accept Moneywise's Terms of Use, Subscription Agreement, and Privacy Policy.

Not interested ?

Top Stories
Elon Musk looking concerned with his hands folded near his face Frederic Legrand - COMEO / Shutterstock

Tesla paid a Russian hacker $15,000 per bug found — then he cracked open the case that cost them $243 million

For years, Tesla treated a ponytailed, Russian-born tinkerer in Nashville as an asset. The man, known online only by the handle GreenTheOnly — "Green," to those who work with him — had been cracking open Tesla's computers since buying his first Model X in 2017, feeding the flaws he found back to the company through its bug bounty program. According to Business Insider, which published a deep investigation into his role on July 1, a member of Tesla's security team offered him $15,000 for each software vulnerability he resolved.

Then Green turned that same skill against the company. Working from a forensic copy of a crashed Model S's Autopilot computer, he recovered the "collision snapshot" Tesla had long insisted it didn't have — data that helped land Elon Musk’s car company with a $243 million verdict, the largest ever handed down against it and the first time a jury found Tesla liable in a wrongful-death case tied directly to its Autopilot system.

Advertisement

Tesla's public bug bounty program, run through the platform Bugcrowd, has advertised rewards from hundreds to tens of thousands of dollars per qualifying finding. This kind of "white hat" arrangement is common across Silicon Valley, where tech companies pay independent researchers to find holes before criminals do. Green, by his own account, stumbled into Tesla's systems while investigating whether the company was using open-source code without publishing it, and his curiosity only deepened from there.

Read the best of Moneywise in 5 minutes or less.

By signing up, you accept Moneywise Terms of Use, Subscription Agreement, and Privacy Policy.

Benavides v. Tesla

The crash at the center of the case happened just after 9 p.m. on April 25, 2019, on a dark, two-lane stretch near Key Largo, Florida. George McGee, driving a 2019 Model S with Autopilot engaged, dropped his phone and bent to retrieve it. The car blew through a stop sign and a flashing red light at roughly 62 mph and slammed into a parked Chevrolet Tahoe. Naibel Benavides Leon, 22, was standing beside the SUV with her boyfriend, Dillon Angulo. She was killed, while he was critically injured.

To prove their case, Angulo and Leon’s family needed the Autopilot computer's record of what the car's cameras had seen in the final seconds — a package of crash data that Tesla vehicles automatically transmit to company servers after a collision. Tesla said it never had the full file. A service-center technician who plugged in the computer years earlier had pronounced the data corrupted. That story held up until the plaintiffs recovered the original hardware from the Florida Highway Patrol in 2024 and brought in Green, who had built a following for recovering data from wrecked Teslas and posting his findings — the same work that once made him useful to Tesla.

Green warned the legal team not to simply power the units on, as Tesla had suggested. Doing that near an internet connection, he said, was "exactly the advice I would give" if the goal were to destroy evidence, since Tesla's standard practice marked local crash data for deletion after uploading it. Instead, he worked from a forensic clone.

Must Read

Join 250,000+ readers and get Moneywise’s best stories and exclusive interviews first — clear insights curated and delivered weekly. Subscribe now.

A ThinkPad and a Starbucks hot chocolate

In October 2024, the plaintiffs' attorneys flew Green to Miami and sat with him inside a Starbucks near the airport. He fired up his ThinkPad laptop, plugged in a flash drive holding the forensic copy, and — over a Venti-size hot chocolate — found the missing data within minutes. It included the collision snapshot and confirmation that Tesla had received the file within moments of the crash. The attorneys high-fived behind him, according to The Washington Post.

"For any reasonable person, it was obvious the data was there," Green told WaPo, who spoke to the pub anonymously out of fear of retribution.

Advertisement

Green did not testify at the trial. But the augmented video he built from the recovered data — which showed the system detecting the parked truck, the stop sign, and a glimpse of the two people standing behind it, then doing nothing to stop — became a centerpiece of the plaintiffs' presentation.

On August 1, 2025, a Miami federal jury found Tesla placed the Model S on the market with a defect that was a legal cause of the harm. It assigned Tesla 33% of the fault and awarded $243 million — $19.5 million to the Benavides family, $23.1 million to Angulo, and $200 million in punitive damages. Tesla had rejected a $60 million settlement offer before trial. In February 2026, a federal judge refused to throw out the verdict, writing that the evidence "more than supports" it. Tesla is appealing at the Eleventh Circuit.

Tesla has disputed the claim that the company hid anything. Its attorney told jurors the company's handling of the data had been "clumsy" rather than deliberate, saying, "We didn't think we had it, and we found out we did." In its post-verdict statement, the company called the outcome "wrong" and insisted no car in 2019 or today could have prevented the crash, describing the case as "a fiction concocted by plaintiffs' lawyers blaming the car." Tesla did not immediately respond to Moneywise’s request for comment.

Green's work has fed a wave of similar suits, even as Musk builds out his empire — SpaceX went public in June in the largest IPO on record, raising $75 billion, and Tesla continues expanding its camera-only robotaxi fleet. But Green says Tesla has wisened up and made it significantly more difficult to access vehicle data. He told WaPo: "If an accident happened today like this, I won't be able to extract the data."

You May Also Like

Share this:
Dave Smith Editor-in-Chief

Dave Smith is the VP of Content at Wise Publishing and Editor-in-Chief at Moneywise and Money.ca. His work has also been published in Fortune, Business Insider, Newsweek, ABC News, and USA Today.

more from Dave Smith

Explore the latest

Disclaimer

The content provided on Moneywise is information to help users become financially literate. It is neither investment, tax nor legal advice, is not intended to be relied upon as a forecast, research or investment advice, and is not a recommendation, offer or solicitation to buy or sell any securities, enter into any loan, mortgage or insurance agreements or to adopt any investment strategy. Tax, investment and all other decisions should be made, as appropriate, only with guidance from a qualified professional. We make no representation or warranty of any kind, either express or implied, with respect to the data provided, the timeliness thereof, the results to be obtained by the use thereof or any other matter. Advertisers are not responsible for the content of this site, including any editorials or reviews that may appear on this site. For complete and current information on any advertiser product, please visit their website.

†Terms and Conditions apply.

Sign up free.

Join 250,000+ readers by activating your free account. Get our newsletter, a Warren Buffett investing guide, and commenting access on stories.

By signing up, you accept Moneywise Terms of Use, Subscription Agreement, and Privacy Policy.

Already signed up?