Phone thieves get access to key information
When your mobile phone is stolen, you don't just lose your numbers.
Key personal information including your name, PPS number, PayPal payment details and emails can all be retrieved from lost or stolen devices, new research has found.
In nine out of 10 cases of stolen mobile phones – including 50pc that were encrypted and 90pc locked with a passcode – it was possible to identify the owners' email address.
The study found in three-quarters of cases it was possible to identify the owner. In 25pc of mobiles examined, it was even possible to find the person's PPS number in messages.
The report by Deloitte's security team found more than 12,000 phones are stolen each year while many phones are upgraded every 18 to 24-months. This has led to a high number of second-hand phones in circulation.
But even on factory-wiped phones examined by the team, it was still possible to identify the owner 70pc of the time, and contacts were retrieved in 60pc of cases.
In 85pc of cases it was possible to access the previous owner's text and chat logs.
Colm McDonnell, a partner in enterprise risk services with Deloitte, warned there was a need for both companies and phone users to "protect their data and maximise privacy".
The report was compiled after a team of digital forensic investigators tested a wide variety of makes and models to examine the risks.
The report also urged businesses to be aware of their legal obligations to secure data held on smartphones and other mobile devices in the workplace.
Jacky Fox, author of the report, warned an individual piece of data may not be a problem – but the information when pieced together may pose a "significant risk".
Dermot Williams, managing director of IT security specialist Threatscape, said that the report showed even those who think they have taken prudent security measures on their mobile phone may still be vulnerable.
He urged phone users to take care not to confuse a 'factory reset' with a more comprehensive 'secure wipe'.