Feeds

Sensitive data easily swiped from eBayed mobiles

Smut, logins and bank card PINs - oh my!

Beginner's guide to SSL certificates

Second-hand mobile phones sold on by their owners often contain extensive personal and sensitive data that leave sellers open to identity theft and other privacy risks.

Pre-owned mobile phones and SIM cards purchased on eBay or from shops were checked using readily available equipment to see what personal information was left on the handsets. Around half the handsets and chips examined by ethical hacker Jason Hart still held sensitive information.

Hart was able to recover all sorts of interesting nuggets using a mobile phone SIM Reader (something that can be bought from most electric stores), SIM recovery software and forensic examination software.

A total of 247 pieces of data were recovered from a total 19 of the 35 mobile phones and 27 of the 50 SIM cards. Data left on these handsets and communication devices included many photos (including pornographic images), bank details, login details for social networking sites and PIN numbers as well as private texts and emails.

In a separate poll, most sellers (80 per cent) claimed they had wiped their mobiles before selling them, with six in ten stating they were confident that no personal data was left on devices subsequently offered up for sale.

CPP, which provides mobile phone insurance and paid for the research, said sellers of second hand kit need to be more careful they remove all their personal information before selling on their smartphones or handing them on as a gift to friends or family members.

Hart, senior VP of CRYPTOCard, the security firm CPP hired to take care of the science bit of the exercise, said users ought to destroy SIM cards before handing over smartphones.

"The safest way to remove all of your data from a mobile phone or SIM card is to totally destroy the SIM and double check to ensure that all content has been removed from your phone before disposal," Hart said.

Hart added that newer generations of smartphones tended to store vastly more information than older mobile phones, a factor sellers disregard at their peril.

"With new technology does come new risks and our experiment found that newer smartphones have more capabilities to store information and that information is much easier to recover than on traditional mobiles due to the increase of applications," Hart explained. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Of COURSE Stephen Elop's to blame for Nokia woes, says author
'Google did have some unique propositions for Nokia'
FCC, Google cast eye over millimetre wireless
The smaller the wave, the bigger 5G's chances of success
It's even GRIMMER up North after MEGA SKY BROADBAND OUTAGE
By 'eck! Eccles cake production thrown into jeopardy
Mobile coverage on trains really is pants
You thought it was just *insert your provider here*, but now we have numbers
Don't mess with Texas ('cos it's getting Google Fiber and you're not)
A bit late, but company says 1Gbps Austin network almost ready to compete with AT&T
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.