Second hand phones contain extensive personal data

People are unsuspectingly selling their personal information to complete strangers as a new report from CPP finds half (54%) of second hand mobile phones contain extensive personal data.

Second hand mobile phones and SIM cards purchased on eBay and used electronics shops by CPP were examined in a live experiment to see what personal information was available on the handsets and whether it constituted a threat to their former owners’ identities.

The experiment revealed 247 pieces of personal data that had been carelessly left on a range of mobile phones and SIM cards. The personal data included credit and debit card PIN numbers, bank account details, passwords, phone numbers, company information and log in details to social networking sites like Facebook and LinkedIn.

In research that supported the experiment, half of second hand mobile owners said they have found personal information from a previous owner on mobile phones and SIM cards they have purchased second hand.

Worryingly, the vast majority (81 per cent) of people claim to have wiped their mobiles before selling them, with six in ten confident they have removed all of their personal information from them. However, the experiment revealed that 54 per cent of mobile phones and SIM cards contained sensitive personal information putting people at unnecessary risk of identity and card fraud.

The variance could be explained by the fact that most people who claimed to have ‘wiped’ their handsets tried to erase the data manually – a process that security experts acknowledge leaves the data intact and retrievable.

And it seems personal information comes cheap with individuals selling their old handsets and SIMs for an average price of 47 pounds Sterling.

As people rely heavily on their mobile phones to store personal data such as e-mail addresses, social networking log in details, banks account details and even debit and credit card PIN numbers, CPP is calling on people to make sure they remove all of their personal and financial information from their mobile phones and undertake adequate security measures to protect themselves from identity theft.

Senior Vice President of CRYPTOCard Jason Hart said: “The safest way to remove all of your data from a mobile phone or SIM card is to totally destroy the SIM and double check to ensure that all content has been removed from your phone before disposal. With new technology does come new risks and our experiment found that newer smartphones have more capabilities to store information and that information is much easier to recover than on traditional mobiles due to the increase of applications.”