Millions of people are looking forward to receiving a new smartphone or tablet this Christmas. But beware of the spirit of Christmas past if you’re getting rid of your old device – personal details can still be retrieved if the right steps are not taken to securely wipe data and dispose of handhelds correctly.
In a study undertaken by Kroll Ontrack and Blancco Technology Group earlier in 2015, thousands of leftover emails, call logs, texts, SMS, IMs, photos and videos were retrieved from 35 per cent of the mobile devices examined.
The engineers at Kroll Ontrack and Blancco Technology Group discovered that a deletion attempt had been made on 57 per cent of the mobile devices that contained residual data. Those deletion attempts had been unsuccessful due to common, but unreliable methods used, leaving sensitive information expose.
Paul Le Messurier, Programme and Operations Manager at Kroll Ontrack, says: “Residual data left on two of the second-hand mobile devices were significant enough to discern the original users’ identities. Whether it’s a person’s emails containing their contact information or media files involving a company’s intellectual property, lingering data can have serious consequences. Together, all of the study’s findings serve as a powerful warning about the importance of using effective data erasure methods and the need to mitigate security risks that may occur when done improperly or incompletely.”
Le Messurier adds that “manually deleting data or simply logging out of a mobile device app does not erase data from the device. Deleting data simply hinders the ability for the mobile device to locate the data – the actual data still remains and can be recovered. To successfully delete data to a state where it cannot be recovered, one must completely overwrite the data using reputable deletion software.”
The report concludes with the reminder that “even the smallest amount of data can include enough personal or classified company information to cause irreparable damage. This data could be used in a number of ways – making online purchases with stolen credit card information, signing up for a new line of credit with personal/company information, blackmailing individuals or firms for ransom money with the threat of leaking sensitive information, or worse. The inventiveness of cyber criminals is unlimited.”
So, do your homework, suggests Kroll Ontrack and Blancco Technology Group. If you use your personal mobile device for work, check your company’s data retention and BYOD policies.