Cellphone Recycler Says 99% Of Phones Still Contain Personal Data

It’s really great to put your old cellphone back into circulation, even if that means just donating it to a family member. But please, remember to wipe the phone first.

Regenersis studied a random sample of 2000 handsets processed during the first week in December and found that 99% of handsets received contained some sort of personal data, including: contacts, SMS messages, pictures, music, videos, calendar entries, emails, notes, mailing lists and to do lists. In some cases, extremely sensitive information was contained, including bank details, addresses, and confidential emails.

This study was based on European phone donations, but we’re not going to pretend that U.S. citizens are ahead of the curve when it comes to data privacy. So please: recycle your phones, but don’t leave sensitive info on them.

If you need to erase your phone but don’t know how, try Googling the phrase “wipe phone data” + the name of your phone. Or visit this website and search for your phone there.

“WARNING: 99% of All Recycled Cell Phones Contain Owner’s Private Data” [CleanTechnica] (Thanks to Derrick!)
Free Data Eraser [Recellular.com]
(Photo: Pål Berge)

Comments

Edit Your Comment

  1. XTC46 says:

    The same goes for most donated computers, or computers taken to repair shops and then left behind becasue they didnt want to pay for the repair. People are incredibly careless with their personal info, then start screaming when it gets stolen.

    • Phydeaux says:

      @xtc46: I got everyone that’s going to post after me here beat.

      Once I got an old, old, pre-2G RIM device for a few dollars and lo and behold, somewhere in the area of 5,000 names, numbers and addresses.

      I’ve not done anything with them since the device itself is nigh unusable.

  2. fratgirl says:

    I bought a phone off of ebay once. It had belonged to a teen girl and had 100+ texts about her drinking and partying. Also it had 20 of the worst ringtones I’ve ever heard.

  3. BSacamano says:

    I got a reconditioned phone a few years ago that still had dozens of text messages in it. I was sitting in a meeting the day after I got it and just about fell out of my chair when I found this in the outbox: “i shaved my p*ssy 4 u”.

  4. MooseOfReason says:

    I’m sure the government already knew that.

  5. TechnoDestructo says:

    If all else fails: Microwave it.

  6. Quatre707 says:

    Securing mobile electronics, specially phones, is one of the biggest issues in Information Security right now.
    I bought a Motorola RAZR on eBay last year for $15.
    I was going to plug it in via USB cable to flash it with custom firmware, but before doing that I noticed he had a plain text note file saved in the phone with the routing number, and bank account numbers to both his savings and checking accounts. I was in disbelief.

  7. jenjen says:

    So how DO you make sure the data’s really gone from a phone? Is just deleting the data good enough? Or is it still easy for someone to undelete it the way it is with computer hard drives unless you use special wiping techniques?

    • TechnoDestructo says:

      @jenjen:
      That would depend on how the phone stores data.

      And by “special wiping techniques” do you mean overwriting the disk once? Because that’s all it takes with any hard disk made in the last 2 decades.

  8. shorty63136 says:

    Yes, PLEASE wipe your phone of all numbers, messages, texts, whatever.

    When you recycle them, they usually get shipped in a big box full of phones and the boxes sometimes break open in a shipping facility.

    That’s all I’m going to say.

  9. LiC says:

    I’ve got a memory card which I got from my brother which he got from an Ebay auction, and I’ve got pics from the original seller. They’re impossible to find on the stupid thing, there’s a very specific directory path you have to follow, skipping through a dozen folders.

  10. Yoko Broke Up The Beatles says:

    I remember when I recycled my last cell phone. I took the following precautions:

    1) took my phone directly to the cell phone provider local office and handed it directly to a uniformed rep. I didn’t take it to one of these so-called ‘authorized’ (3rd party) agents/providers.

    2) Deleted all phone numbers, addresses, and texts. Ringtones? I figured they did me no harm if someone else got ‘em, so I didn’t bother deleting them.

    3) Hoped/prayed that it was clean and that no one could steal any info. on me from it after it was out of my hands.

    Recycling is absolutely the best idea for our environment, so I recommend it. That being said, if anyone is concerned about someone else accessing personal information from it, I recommend smashing it. Then burning the pieces. Viola!

  11. Wombatish says:

    Same thing goes for memory sticks, like someone mentioned earlier.

    When I worked at Gamestop, we would have PSPs get traded in with memory cards absolutely chock-full of “adult content”, often featuring the device’s owner. (This was when some stores cleared these things by hand… if what I hear from some former co-workers is correct, all hard-drives and memory sticks are now shipped off to be professionally wiped… then again, porn is often set as the “screen saver”.)

    The point is… protect your data. If you don’t know how to do it yourself, pay a reputable professional to do it (but don’t just trust them implicitly either.)

    Or just don’t put your bank account info on your phone, maybe.

  12. parkavery says:

    My partner bought a phone on eBay and the seller left all of his personal data on it, including the default ringtone of someone screaming (!). It scared the life out of us a few times before we figured out how to get rid of it!

  13. Jonbo298 says:

    Part of the problem is that there isn’t an easy way for people to “easily” locate the ‘Master Reset’ option in alot of devices. Sometimes it’s buried in the menu’s and people just don’t want to hassle with it unfortunately.

    • ViperBorg says:

      @Jonbo298: Then your laziness is their gain.

      And when you start complaining about your personal data being stolen, don’t cry to me. A lack of thinking and preparedness on your part does not constitute an emergency on my part.

      As the article says, there are places where you can find out how to do it yourself. You being lazy is not an excuse.

    • jamar0303 says:

      @Jonbo298: That’s the nice thing about having a Sharp phone- It’s easy as pie. #+power key wipes the phone.

  14. larrymac808 says:

    My previous cell has a problem with the AC adapter-to-phone connection. Nobody seems to sell an off-phone charger for the battery, which is a proprietary Samsung battery. I’d love to get enough juice to retrieve my contacts and offload some pictures, then wipe it clean, but I ran out of ideas. So the phone sits on my bookshelf, lonely and forlorn.

  15. boxiom says:

    I recent traded phones with some guy on Craigslist. Well..I thought it was a guy. When he asked me to meet him at the park I figured hed roll up in his car. Instead a 10 year old black kid pulls up on his bike.

    His ringtones included Gnarls Barkley and Blink 182. He also put a passcode on the abailaity to delete missed calls.

    You little shit.

  16. jedo1507r says:

    Same goes to music players.

    A used iPod Video I bought two months ago at a pawn shop had the previous owner’s photos – luckily the photos were nothing risque, but her taste in music was horrible.

    Even the $3 Archos Jukebox I picked up last summer had the previous owner’s music. I got a taste of German folk music!

  17. ChibaCityCowboy says:

    A few weeks ago someone found a USB flash drive in the hallway, I looked at it to see if I could figure out who it belonged to , here’s what I found :

    bank account info
    taxes from the past 8 years
    resume with all certifications
    files from a site that helps you cheat on certification tests
    pictures of bodybuilders in thongs

    so I emailed the guy and gave it back to him. I didn’t access any of the sensitive data on it, but this shows how people can load up a device with info that could REALLY screw them up if it is lost.

  18. dark_inchworm says:

    @boxiom: “He also put a passcode on the abailaity to delete missed calls.”

    On which phone can you do something so particular? Jeez.

    • jamar0303 says:

      @dark_inchworm: Oookay… I’d love to know what the heck kind of phone you can do that on.

      Mine is weirder, though- I can put a passcode on the ability to format a memory card in it. And it won’t take a memory card if it hasn’t been formatted in the phone first.

      • boxiom says:

        @jamar0303: Its an LG VU, I tried to clear the missed calls, recieve calls, etc and it asked for a passcode.

        Probably “Puberty”

        • audemars says:

          @boxiom: did you try “boobs?”

        • jamar0303 says:

          @boxiom: Can’t you have the passcode reset to 0000? Take it into the Verizon shop with proof that it’s yours and they should do it, right?

        • Phydeaux says:

          @boxiom: If you’ve not done a PRL update on it yet, try pressing menu then zero then six zeroes. Inside of programming reinsert your phone number and whatever four digit lock code is used for security will be the last four digits of your phone number.

          If that doesn’t work, post back here or drop me a message on my profile. There’s a couple of other variants to get into the programming to reset that sort of thing that you can try.

  19. chrisjames says:

    If you need to erase your phone but don’t know how, try hammers, highways, lakes, or fireplaces.

  20. ekincam says:

    This reminds me of the time I bought a used hard disk from eBay. After I got it, I was a bit curious about its history. Even though the drive was formatted, I was able to recover just about anything I wanted from the drive. I was able to find a tens of people’s tax documents, social security numbers, bank account numbers, and a plethora of other personal information. I think the drive used to belong to a CPA or something similar.

    Simply wiping a drive using format from Windows or command prompt will not erase sensitive data. It simply erases what amounts to the table of contents to the files. It doesn’t take much effort to recover data from the drive.

    When any drive leaves my possession because it’s sold, for warranty return, or similar, at the minimum I do a zero write or low level format on the drive. If I have time, I’ll do a random write followed by another zero write afterwards. This process can take a few hours to a day or more depending on the speed of the drive and your computer, but will ensure that your data cannot be easily recovered. At this point, the data is still recoverable, but unless you have have a national or foreign government spying on you, you’re probably safe because the equipment and techniques used are prohibitively expensive for most individuals.

  21. IT-Chick says:

    I can tell you that on a Blackberry, the wipe function is under Options, Security. You have to hit the Blackberry for the option of “wipe” to come up. It’s not obvious at all.

    • IT-Chick says:

      @IT-Chick:

      Oops, hit the Blackberry Button, not hit the Blackberry, but I guess beating it could also wipe it.

      • ekincam says:

        @ChibaCityCowboy:

        Because things like this happen, I have a flash drive with AES encryption. I don’t like the way that the encrypted portion of the drive is accessed, but I guess when you secure things, you have to make some compromises. Speed of the drive was not compromised due the encryption though since it’s hardware based.

  22. the.girl.from.philly says:

    i have THE story to end all stories on this one.

    a few months ago, i purchased a recycled phone on ebay. i was promised it would be completely refurbished, and maybe would just have a couple of scrapes here and there, from everyday use. fine, i thought.

    that’s not what arrived.

    instead, a full album of the previous user’s photographs (84, to be exact) remained intact. two of those photographs were close ups of someone’s shaved vagina. yes, really. another two were of someone’s pot plants.

    a few weeks later, i finally searched through the video storage on the phone… and again, jackpot: five sex videos, of my phone’s owner and his lady friend. hey, at least he was seemingly monogamous.

    when i complained to the company i bought the phone from, they offered to give me $15 to “make up for the distress i incurred.” it never showed up.

    ‘course, the story itself is worth way, way more than $15!

  23. TrevorYYC says:

    I just bought a used phone with pictures of fugly bewbs a list of website usernames and passwords

  24. Outrun1986 says:

    One of my friends bought a digital camera from best buy. When he got home he found photos of a bunch of people masturbating in the back room of best buy. They still had their name tags on, so it was completely obvious who they were. So he uploaded the photos to a website for all to see. He did return the camera to best buy and explained the situation and they gave him a new camera of the next model up in line.

    So its not only cell phones and ipods that have this problem. Though I shudder to think whats on those PSP memory cards that people trade in to Gamestop given Gamestop’s clientele. Pretty much anything that has memory storage has this problem. There have been multiple stories posted on here of children getting ipods and MP3 players from Walmart with very questionable content on them.

    I wouldn’t be surprised if those hard drives from ebay belonged to an office originally. I was at a job interview once where the workers were passing around their passwords out loud right in front of me and the other interviewees, they were even saying what the password was for. Not to mention the sticky notes with the passwords on them were in full view. Didn’t get the job, don’t think it was a place I would want to work for anyways!

    • Fresh-Fest-1986 says:

      @Outrun1986: How do you start that conversation that gets everyone masturbating in the back room of your job?

      “OK everyone I’m sick of drinking coffee and complaining about our boss, so I’m going to masturbate right here in front of you. Whose in?”

      • Ratty says:

        @Fresh-Fest-1986: It’s the new Best Buy way to get the sales staff pumped. Corporate management circlejerks taken a bit too far.

      • kbrook says:

        @Fresh-Fest-1986: I think that’s the most disturbing part – where the hell do these ideas come from? What kind of person says, “Hey, I bet the whole entire freaking universe wants to see me jerking off. In front of other people. At work. With my name tag on.”

  25. Janet Altman says:

    That’s right. The word on the street is that the very best way to dispose of information in a digital device after you are finished using it is the bottom of a lake, a deep lake.

    The very best way to manage digital security while you are using it is to be very smart, update, backup, just about anything you can get your hands on.

    [www.justaskgemalto.com]

  26. VigilanteKitteh says:

    It’s a coincidence that this got posted now, as we’re dealing with the same problem. BF just got a “new” phone from The Telephone Booth, and we’re going to return it tonight, and demand a NEW phone. Sales rep claimed that it was new, but when we got home, there’s all kinds of pics of girls, and inappropriate text messages. He flipped out when he saw this, considering that it’s happened to us before with his previous phone, and we almost broke up that time (I didn’t believe him then).
    Point is, even if you’ve only had the phone for a week, and are returning it to the store, wipe that shit off it!!!

  27. waystland says:

    for most if not all Motorola phones,
    the security code is 183729 to delete and clear your phone

  28. turtledude558 says:

    I buy plenty of used mobiles on ebay and this happens a lot.

    It can be hard to delete everything especially if you use the phone as a flash drive, it may have information on it that you don’t know/remember.

    My true intentions on commenting on this, however, were to praise the 3 mobiles in the photo: Sony Ericsson’s K750i, Z800i, and W800i (from left to right).

    Amazing phones :)

  29. kyle4 says:

    Too bad they don’t have the program I found (can’t remember the name) foe computer. It’s a program that mimics Police file searches and is the best data destroyer next to burning your hard drive.

  30. baristabrawl says:

    This drives me insane. If you get rid of your cellphone without erasing it completely, you’re a boob. BOOB!

    Why doesn’t someone start a business where you erase cellphones for $10. How hard can it be?

    I would also say that I don’t really care about someone else’s contact list. YEARS ago I got a Sprint phone with voice activated dialing (horrible). And the last guy’s voice was still on it with his set of commands. It was heinous and I didn’t care. I also don’t put that much personal information on my phone bout me. If you want to try to impersonate someone else on my phone you’ll find that a lot of the people in my list are nick names.

  31. Anonymous says:

    Pity the person who acquires a cellphone (or other device) that contains child porn, and then is charged for possession! Border guards don’t need any excuse, reason, suspicion, or warrant to search or seize electronic devices, so some travelers might have a lot of explaining to do.