Lee Reiber, Director of Mobile Forensics at AccessData, read an RTL post on mobile phone security and was kind enough to send this guest post on the proper disposal of old cell phones.
When consumers trade in their old mobile devices (phones/tablets) for new this holiday season – much of it will end up on eBay, Craigslist and other sites to be resold.
Although the data has seemingly been wiped clean – sensitive information still resides that can easily be extracted for identity theft and other criminal activity.
I recently bought five used cellphones (two HTC Androids, an LG Android, an iPhone 3G and a Sanyo 2300 flip phone) and tested them using mobile forensic technology.
What was found is surprising. Most contained personal information including date of birth and personal email records. One device in particular contained Yahoo accounts with passwords, work location along with social security number, geolocations of images, and Facebook logins.
Consumers as well as corporations that resell old devices need to follow a few simple steps to help ensure sensitive information is kept out of the public eye:
- Sellers should restore the device back to factory settings
- Make sure to remove the SIM card and erase any SD card
- Run updates on the phone’s operating system to eliminate most of the data stored in the file system
Thanks for passing along these helpful tips for the secure disposal of cell phones Lee!
E-mail: firstname.lastname@example.org Phone: 703-359-0700