More than 20% of second-hand phones contain sensitive data

Research reveals that more than 20% of second-hand mobiles and other mobile gadgets still contain sensitive information.

Research reveals that more than 20% of second-hand mobiles and other mobile gadgets still contain sensitive information.

Research from BT, the University of Glamorgan in Wales and Edith Cowan University in Australia discovered the amount of sensitive information left on phones sold on.

The survey of more than 160 used devices found a range of information including salary details, financial company data, bank account details, sensitive business plans, details of board meetings and personal medical details. A number of the devices were bought on online auction sites.

The devices containing the greatest volume of information were discarded BlackBerry devices, which in a number of cases were left unprotected, despite having security features such as encryption built in.

In one example, a BlackBerry was examined that had been used by the sales director for Europe, the Middle East and Africa of a major Japanese corporation.

It was possible to recover the call history, the address book, the diary and the messages from the device and the information that was contained in these provided:

o The business plan of the organisation for the next period

o The identification of the main customers and the state of the relationships with them

o The relationship of the individual with their support staff

o Details of the personal life of the individual including details of their children and their occupations, movements, marital status, addresses, appointments and addresses for dental and medical care providers

o Bank account numbers and bank sorting code

o Car make and registration index

Although being far less sophisticated, 23% of the standard mobile phones examined still contained sufficient individual information to allow the researchers to identify the phone's previous owner and employer.

Iain Sutherland, who leads the research team at the University of Glamorgan, said, "Many large organisations currently dispose of obsolete hand-held devices by donating them to charities. It was discovered during the course of the research that a number of these charities then pass on a large percentage of these devices to places such as China and Nigeria, both of which are regarded as posing a real threat to the security of information."

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.