Smartphone users routinely cycle out their old device for a new one every two years or so. When it’s time to upgrade, many users see an opportunity to sell their old phone for extra cash. However, a device that’s improperly wiped of its data could lead to identity theft if the data is recovered by the new owner.
This was found to be the case by Avast with Android smartphones. The company recently did an experiment in data security by purchasing 20 used Android phones off of eBay. All of these phones were “wiped” and reset to factory condition. What the previous phones’ owners didn’t anticipate was Avast combing through their old device with sophisticated data recovery solutions, like the forensic software Oxygen Forensic Suite and AccessData’s Forensic Toolkit–tools that a professional hacker would have at their disposal.
Even though these 20 phones were wiped and reset, Avast was still able to recover a significant amount of data:
And then, it gets weird. According to Jude McColgan, Avast’s president of mobile, the recovered photos included “more than 750 photos of women in various stages of undress, and more than 250 selfies of what appear to be the previous owner’s manhood.” As crazy as that sounds, we’re not surprised by this news. There are a lot perverts out there.
This sensitive data in the hands of someone with malicious intent can potentially ruin the victim’s life. Identity theft can lead to wiped out bank accounts and loans taken out in the victim’s name. Identity thieves can even make use of the those secret nudie pics. Once the identity of the naked person is confirmed, it would be easy for the thief to blackmail them with the recovered images, or even stalk from the bushes outside of their home, depending on what level of pervert we’re dealing with.
Of course, this revelation has dire ramifications for disposed-of corporate Android devices as well. If a business were to sell off their old Android smartphones to the free market in an attempt to recoup their costs, they would lose much more than what they would save if a thief armed with the right forensic tools were to recover sensitive corporate data.
If you’re using an Android device and you’re looking to trade it in, we advise you to take additional precautions than just using the preinstalled wipe feature. There are good security apps available on the Google Play store:
These apps may cost you money to purchase, but it’s worth it compared to the consequences of having your sensitive data fall into the wrong hands.
To be sure that nobody will recover your deleted data from your smartphone, before you dispose of it, call Tektonic at (416) 256-9928 to have us make 100% certain that everything, and we mean everything, is gone for good.