As a Monday morning quarterback of Tesla, I'm really curious to see how this turns out. On the one hand, I see whistle blowers as heroes and if they have information about dangerously using unsafe batteries, then that's great.
On the other hand, if the early allegations are true that the employee was altering code and logging in under usernames other than their own to do so, that sure doesn't feel like whistleblowing.
The civil complaint doesn't say anything about logging under other usernames, just that his data-scraper-exporter was running on other people's machines:
> His hacking software was operating on three separate computer systems of other individuals at Tesla so that the data would be exported even after he left the company and so that those individuals would be falsely implicated as guilty parties.
I guess it's possible that Tripp did indeed add some code that explicitly tried to frame actual employees. But the fact that his code ran on other people's computers, without any other specific evidence (which may be forthcoming, of course) does not necessarily entail that he intended to frame people.
In just about any office I can see it being pretty trivial to walk over to a co-worker's PC and insert a USB drive and run a program. It would take seconds, and unless all employees lock their PCs 100% of the time even if they walk away for a few seconds, there isn't much in the way of "opsec" that can stop it (just things like cameras that can find the guilty party after the fact).
Things like disabling USB ports or requiring passwords to be entered constantly for everything would most likely impact the business enough that it would be more harmful than any single instance of stolen IP, and even then they only reduce the likely hood of an attack like this, they don't stop it.
On the other hand, if the early allegations are true that the employee was altering code and logging in under usernames other than their own to do so, that sure doesn't feel like whistleblowing.