A recent exploration made by a digital forensics company into a handful of phones found in the smartphone secondary market showed how easy it is to glean information from old or lost phones, even if a factory reset has been committed. Today an expert from Access Data gave Dark Reading the skinny on his findings from his informal research and explained some of the repercussions for both corporations and consumers who don’t pick, manage, or dispose of their phones wisely.
“I buy a lot of recycled phones and there is tons of data still on them,” says Lee Reiber, director of mobile forensics for AccessData. “I’d guess if you went and grabbed 10 phones [from recycling companies], 60 percent of those are going to contain data still.”
Reiber says that at the behest of a customer interested in the data lingering on phones sold by used phone resellers and consumers using Craigslist and eBay, he used AccessData’s tools to do an in-depth forensics dive into five handsets acquired from this secondary market. The phones were the iPhone 3G, Sanyo 2300, HTC Wildfire, LG Optimus, and HTC Hero. Of those five, the iPhone and the old Sanyo had not been reset and contained what Reiber called logical data — things like active account sign-ons, contacts, and calendar information easily usable by any person who turns on the phone.
Even though all of the Android phones had been wiped through a factory reset, four of the five phones also included information that would take someone with forensics tools and knowledge to extract from more hidden storage locations.