These days, it seems virtually impossible to avoid being tracked, whether it’s through your phone, computer, various “smart” gadgets, or even your car. Some may take solace in the fact that it’s still possible to buy a car without features like navigation or a GPS-based SOS feature, but the reality is that many modern cars (and by that, we mean virtually everything built in the past two decades) have some sort of on-board data recorder—like a digital version of the “black box” found in passenger airliners—and some of them are capable of storing a lifetime’s worth of tracking data.

Vehicle Privacy: A Quick Download

Modern vehicles are equipped with telematics modules that handle communication between the car and various networks, and they also typically include a GPS receiver.

These modules can store incredibly granular data about the car, including its mechanical condition and its physical location. That data can persist after the module has been removed from the car. In many cases, that data remains unencrypted, meaning that if somebody can get physical access to one of the car’s modules, they can work backward to reconstruct every mile the car has ever traveled.

And a group of white hat hackers proved it using the telematics unit (the module that handles anything related to telephonic/internet connectivity) obtained from a wrecked BYD Seal. They bought the module used, virtually guaranteeing that it would have customer data on it (a new car would not have any trips to log, after all). Lacking the proper adapter to read the data stored in its memory, they had to wire up their own harness to let it talk to a USB flash tool—picture the tuner you use to change fuel maps in your modified car, only without the whole OBDII interface.

“From there, the ubireader tool allowed us to obtain the full filesystem for the modem, custapp and system partitions,” the hackers put in their report. “With the files extracted, we could focus our attention on the root filesystem (rootfs) and user space (usrfs) to look for interesting or hidden artifacts.” And because none of this was encrypted, that turned out to be relatively trivial. “By parsing the GNSS logs, we reconstructed the full life of the vehicle from its production in a factory in China, through its operational life in the United Kingdom, to its final dismantling in Poland,” they said.

“Every movement and stop along the way is captured in the logs, giving a complete picture of the vehicle’s journey.” This required more than just the data on the chip, but it didn’t require any specialized tools or access to any private databases. Public OSINT tools were more than enough.

What’s OSINT?

That stands for “Open-Source Intelligence,” and it’s a fancy way of describing the various ways you can stalk people on the internet without having to pay for the privilege.

With this simple two-pronged approach, they could link anomalous data points to real-world events. “Mapping these coordinates highlights the vehicle’s full journey across countries,” they said.

“While most movements follow expected routes, during its time in the UK we observed a cluster of GPS points at a single location, standing out from the usual travel patterns.” When they ran a simple Google search with time-and-date constraints, they found social media posts about an overturned BYD Seal that had been involved in an accident, explaining the long string of stationary GPS returns. The car was on its side.

What data is typically stored in automotive computer modules?

Time and date: Logs of when the vehicle is on, operational, or charging (if electric).

Location data: GPS coordinates are logged by the telematics software.

Vehicle health data: Fluid life (oil/coolant/accessory), engine hours, emissions fault codes and maintenance-related statistics.

Accident/event data: Many have a “black box” feature that can preserve data about the vehicle from the moment of (and directly preceding) an accident.

As we noted above, automakers (and regulators) have recently become more strict about encryption, and since the BYD Seal is manufactured in China, well, that’s a whole other kettle of fish. But we’re now three decades into the GPS navigation fad, and there’s no shortage of older cars that could potentially serve as intelligence gold mines if they were to fall into the wrong hands.

Even Tesla hasn’t always been immune from similar vulnerabilities, and that’s a manufacturer that brags about its encryption. The solution? For one, don’t buy a Chinese car.

If you’re here in America, that’s not much of a concern, but even absent that risk, many vehicles likely have similar lurking vulnerabilities. Your best bet is to buy old, and buy cheap. Luxury cars pioneered this stuff, don’t forget.
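
For anyone decommissioning, reselling or scrapping a telematics module, the practical check is whether its storage still holds plaintext location history. The sketch below is an added example, not code from the researchers' report: it assumes the GNSS logs are NMEA 0183 text (the article does not say which format the module used), scans extracted files for checksum-valid RMC/GGA fixes, and reports only counts and dates. The names `audit_blob` and `audit_tree` and the sample data are constructed for illustration.

```python
import re
from functools import reduce
from pathlib import Path

# Assumption: logs are NMEA 0183 text, $<talker><RMC|GGA>,<fields>*<hex checksum>
NMEA = re.compile(rb"\$(G[PNLAB](?:RMC|GGA),[^*$\r\n]{10,100})\*([0-9A-Fa-f]{2})")

def xor(body: bytes) -> int:
    """NMEA checksum: XOR of every byte between '$' and '*'."""
    return reduce(lambda a, b: a ^ b, body, 0)

def audit_blob(blob: bytes) -> dict:
    """Count checksum-valid plaintext fixes; report dates, never coordinates."""
    fixes, dates = 0, set()
    for m in NMEA.finditer(blob):
        body = m.group(1)
        if xor(body) != int(m.group(2), 16):
            continue                      # bytes that only resemble a sentence
        f = body.split(b",")
        if f[0].endswith(b"RMC"):
            if len(f) < 10 or f[2] != b"A":        # 'A' valid fix, 'V' void
                continue
            dates.add(f[9].decode("ascii", "replace"))  # UTC date, ddmmyy
        elif len(f) < 7 or f[6] in (b"", b"0"):    # GGA quality 0 = no fix
            continue
        fixes += 1
    return {"plaintext_fixes": fixes, "utc_dates_ddmmyy": sorted(dates)}

def audit_tree(root: str) -> dict:
    """Audit every regular file under an extracted filesystem directory."""
    hits = {}
    for p in Path(root).rglob("*"):
        if p.is_file() and not p.is_symlink():
            r = audit_blob(p.read_bytes())
            if r["plaintext_fixes"]:
                hits[str(p)] = r
    return hits

def _sentence(body: bytes, corrupt: bool = False) -> bytes:
    """Build a constructed sample sentence (optionally with a bad checksum)."""
    return b"$" + body + b"*%02X\r\n" % (xor(body) ^ corrupt)

# Constructed sample "log": two valid fixes, one void fix, one bad checksum.
SAMPLE = (b"\x00\xffmodem boot\n"
          + _sentence(b"GPRMC,120000,A,0000.000,N,00000.000,E,0.0,0.0,010120,,")
          + _sentence(b"GNGGA,120001,0000.000,N,00000.000,E,1,08,0.9,10.0,M,0.0,M,,")
          + _sentence(b"GPRMC,120002,V,,,,,,,010120,,")
          + _sentence(b"GPRMC,120003,A,0000.000,N,00000.000,E,0.0,0.0,020120,,", True))

if __name__ == "__main__":
    print(audit_blob(SAMPLE))
```

Any file `audit_tree` reports means the module should be wiped or physically destroyed before it leaves your hands; an empty result only rules out this one plaintext format, not binary or proprietary logs.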
