Research reveals that more than 20% of second-hand mobiles and
other
mobile gadgets still contain sensitive information.
Research from BT, the University of Glamorgan in Wales and Edith
Cowan University in Australia discovered the amount of sensitive
information left on phones sold on.
The survey of more than 160 used devices found a range of
information including salary details, financial company data, bank
account details, sensitive business plans, details of board
meetings and personal medical details. A number of the devices were
bought on online auction sites.
The devices containing the greatest volume of information were
discarded BlackBerry devices, which in a number of cases were left
unprotected, despite having
security features such as encryption built in.
In one example, a BlackBerry was examined that had been used by
the sales director for Europe, the Middle East and Africa of a
major Japanese corporation.
It was possible to recover the call history, the address book,
the diary and the messages from the device and the information that
was contained in these provided:
o The business plan of the organisation for the next period
o The identification of the main customers and the state of the
relationships with them
o The relationship of the individual with their support
staff
o Details of the personal life of the individual including
details of their children and their occupations, movements, marital
status, addresses, appointments and addresses for dental and
medical care providers
o Bank account numbers and bank sorting code
o Car make and registration index
Although being far less sophisticated, 23% of the standard
mobile phones examined still contained sufficient individual
information to allow the researchers to identify the phone's
previous owner and employer.
Iain Sutherland, who leads the research team at the University
of Glamorgan, said, "Many large organisations currently dispose of
obsolete hand-held devices by donating them to charities. It was
discovered during the course of the research that a number of these
charities then pass on a large percentage of these devices to
places such as China and Nigeria, both of which are regarded as
posing a real threat to the security of information."