Mobile device security specialist Trust Digital recovered 27,000 pages of personal and corporate data from 10 used smartphones, which were bought on eBay, even though the previous owners had deleted the phone's memory.
US-based Trust Digital on Thursday published the findings of its project and revealed that the data was recoverable because the previous owners had simply deleted the memory but not performed an "advanced hard reset".
According to a statement published on the company's Web site, "the information was retained in the flash memory of the devices because of users' failure to perform the advanced hard reset required to delete the data.... Consumers can protect themselves by enabling the password function on their devices, asking their cellular carriers for information about data security, and "hard wiping" their devices before selling them."
Trust Digital claims that the previous owners of the devices included "a former employee of a publicly traded security software company, an employee of a Web services firm, and a corporate counsel of a multi-billion dollar technology company serving the legal market".
Of the 10 devices used in the test, nine contained retrievable data -- the 10th device had never been used.
Nick Magliato, CEO of Trust Digital, said in a statement: "The general public needs to immediately be made aware of this fact. Whether you're talking about pilfering an individual's private files or stealing corporate secrets, this adds up to a very real data theft epidemic."