The exposed data included GPS navigation, terminal ID number, chassis number, and vehicle location and time data. It was kept in an unprotected database of customers using Toyota’s T-Connect G-Link, G-Link Lite, and G-BOOK car infotainment systems. While the data was pseudonymous, anyone with physical access to Toyota cars could obtain the vehicle identification number, which could connect the data to the users.
