Old Cars 'Tell Tales' by Storing Data That's Never Wiped

Published: 1 day ago (April 18, 2026 at 05:34 PM EDT)

1 min read

Source: Slashdot

Report Summary

Research and development engineer Romain Marchand of Paris‑based Quarkslab obtained a telematic control unit (TCU) from a salvage yard in Poland. Marchand tore down the TCU, which is based on a Qualcomm system‑on‑chip, and extracted the Linux‑based file system from the Micron multi‑chip package (MCP) that contained NAND‑based non‑volatile storage memory.

The non‑volatile storage held sensitive information, including system configuration data and, more importantly, logs that revealed the vehicle’s GPS positions over time. None of that information was encrypted, which made it possible to collect and retrieve sensitive data of interest.

The global navigation satellite system (GNSS) logs with GPS positions covered the BYD’s full journey—from the factory in China, through its operational life in the United Kingdom, to its final wrecking in Poland. The issue is not restricted to BYD; Marchand noted that the hardware architecture of the Chinese car maker’s TCU is broadly similar to what can be found in other brands.

Old Cars 'Tell Tales' by Storing Data That's Never Wiped

Report Summary

Related posts

It Takes 2 Minutes to Hack the EU’s New Age-Verification App

Cloud development platform Vercel was hacked

Vercel confirms breach as hackers claim to be selling stolen data

Nevada Police Can Now Track Cellphones Without a Warrant