View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
January 15, 2014updated 22 Sep 2016 1:11pm

5 worrying things hackers can recover from your phone

Your personal information can be retrieved long after it has been deleted. Here's how to stop it happening.

By Duncan Macrae

Over the past few years, forensic data retrieval software used by the police and other law enforcement agencies has made its way into the general public’s hands. Software like Oxygen Forensic, for example, allows people to recover data from phones and other mobile devices even after it has been deleted or undergone a factory reset.

We’ve taken a look at some of the things that can be recovered from your phone. And how you can protect yourself.

1. Personal Images and Videos

Even if you take a quick photo and delete it immediately after, along with all your other pictures and videos, it can be recovered.

What most people don’t know is when you delete information off you phone or undergo a factory reset, the data itself is not being deleted, it still remains in areas of the flash chip called solid state memory. Factory resets only destroy the paths to the data, this obviously allows forensic software users to re-establish their own pathways and retrieve the data.

2. Bank App Details

Despite banks doing their best to make Smartphone banking as secure as possible, as long as a code or pin is required to access their customers details they are susceptible to forensic recovery.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

The flat information that can be retrieved from the solid state memory also includes passwords and cryptograms that have been used within the phone’s apps.

This actually applies to any app that has ever been uploaded on a mobile device.

3. SMS and email messages (sent and received)

This could apply to all messages involving SMS, email, Whatsapp, WeChat, messengers, Skype and MMS logs that have ever been used on the phone.

The level of detail a hacker could undelete from your phone depends solely on the level of patience the hacker has. Forensic retrieval and the replacement of data pathways can be a laborious process because there are so many areas within the phone that the solid state memory can hide the flat data.

4. Web browsing History

Over the years more people have been using their phones to search Google and browse the net so, to accommodate, Smartphone technology has become more sophisticated. The down side to this is that the more complex and intrinsic something becomes data-wise, the more it can be exploited.

Even if a phone user was to delete their browsing history before selling or recycling it, forensic data can still potentially recover its flat data.




5. Geo-positioning – Position sensors

If having access to your private photos, messages and passwords wasn’t bad enough, another concerning bit of information a potential hacker can get their hands on is the Smartphone’s position sensor history.

So whenever a Smartphone user has gone to lunch with their friends and tagged them all in a facebook status update, all this logged information can be salvaged.

This could lead to a hacker being able to discover a former phone owner’s home address or hang out spots.

Can it be avoided?

It can be avoided but, unfortunately, it’s a slightly longer process than a simple factory reset or reinstallation, and for the next few years it will cost you a little (depending on your phone model).

A Permanent Data removal is the only known way to properly erase not just the data paths but the data itself. This type of service is also referred to as ‘Military standard wipe’, which is a reference to its military origins.

UK-based Sell My Mobile company, Bozowi, says: "According to the EU It is not mandatory for electrical recycling companies to perform permanent data removal services as of yet, but it is something we all need to offer our sellers for the sake of our own longevity."

Until the EU makes it compulsory for recyclers to implement permanent data removal services on all their brought phones, tracking down the few companies that offer it is the safest option.




Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.