Hackers Reconstructed a Wrecked Car’s Every Move Using a Single Computer Module

Modern cars are equipped with telematics units that act as digital black boxes, continuously logging GPS coordinates, engine performance, and even pre‑crash sensor data. While these modules enable services such as emergency assistance and fleet management, most manufacturers have historically stored the information in plain text. The BYD Seal incident demonstrates that once a module is removed, the data remains intact and readable, allowing anyone with basic hardware and software tools to reconstruct a vehicle’s entire travel history.

The white‑hat team’s approach was deliberately low‑tech: they wired a custom harness to the module, used a USB flash programmer to dump the filesystem, and parsed GNSS logs with publicly available OSINT utilities. No proprietary diagnostics or back‑end manufacturer APIs were required. This simplicity reveals a broader vulnerability—any vehicle with an unencrypted telematics chip can become a privacy gold mine if the hardware falls into the wrong hands, whether through salvage yards, accidents, or theft. The exposure includes not only location but also health metrics and accident timestamps, data that could be weaponized for stalking, insurance fraud, or corporate espionage.

Regulators worldwide are responding. The European Union’s recent cybersecurity regulations now mandate encryption for vehicle data recorders, and the U.S. is considering similar measures under the NHTSA’s cyber‑security guidelines. For consumers, the immediate steps are to stay informed about a model’s data handling policies, request deletion of stored logs where possible, and consider aftermarket solutions that encrypt or wipe telematics memory. As the industry moves toward stricter standards, manufacturers that adopt end‑to‑end encryption will gain a competitive edge, while legacy fleets may require retrofits to meet emerging privacy expectations.