Half of second-hand phones contain personal data

SYDNEY - A new research has revealed that consumers inadvertently pass on their personal data like intimate photos and credit card numbers and pins to strangers when they discard mobile phones.

An analysis of 50 handsets bought from second-hand resellers on eBay found that more than half contained personal messages or photos, according to a research from the mobile and forensics experts Disklabs.

More than 60 per cent still contained phone numbers left on a call log. A number were sold with pornographic material still on the phone.

“The worst thing a consumer can do is hope or assume that the person buying the phone will remove the data,” the Sydney Morning Herald quoted Simon Steggles of Disklabs as saying.

“Any data left on the phone is effectively open to the public domain. That could be as varied as intimate photos, videos and text messages … People hit ‘delete’ and think that means it is gone for ever, but that’s not the case,” said Steggles.

Researchers found porn on nine of the 50 handsets, while video and calendar information were also still on nine handsets. Personal security information, including home address, credit card numbers and pin numbers, was on 26 of the handsets.

Nine of the handsets had had their International Mobile Equipment Identity (IMEI) number changed-indicating they had been lost or stolen at some point. When reported, lost and stolen mobiles have their IMEI cancelled, which means they can no longer connect to the network.

Steggles said a factory reset is the safest and most reliable way to erase personal data before disposing of or selling a handset.

He said consumers are often naive in their approach to personal data, a problem compounded by mobile trade-in systems, which offer money in exchange for old handsets.

Rik Ferguson of Trend Micro, said the digitisation of people’s lives makes previously unimaginable data public.

“Data is more portable, more accessible, more widely disseminated and more numerous than ever before,” said Ferguson.

“We tend to place our faith in the technology that we use to access our data, we believe that when we hit delete the data is gone, and we believe that if we restrict the audience we share with that the data will not go any further. These beliefs are often misplaced - as that story testifies,” he added. (ANI)