Used mobile devices share secrets

Personal banking records, corporate notes on sales activity and product plans were among sensitive data found on PDAs (personal digital assistants) and smart phones sold on eBay, according to a small sampling taken by security software company Trust Digital. The problem is akin to one that plagues used computers that are sold or discarded before the hard drive is wiped clean.

"Personal and corporate data is being sold on the open market through eBay, and it's also available to anyone who finds, steals or purchases a used smart phone or PDA from any other source," Nick Magliato, chief executive of Trust Digital, said in a statement. "The general public needs to immediately be made aware of this fact."

In its sampling of 10 mobile devices purchased on eBay, Trust Digital retrieved nearly 27,000 pages of sensitive data. The users of these devices included the corporate counsel of a multibillion-dollar technology company that serves the legal market, a former employee of a publicly traded security software company, and an employee of a Web services company.

The sensitive data was gleaned from the flash memory of the gadgets, because the users failed to "hard" wipe their devices, according to Trust Digital.

The company advised mobile device users to enable the password function on their smart phone or PDAs and inquire about data security from their cellular carrier. Palm Treo 650s and BlackBerry handhelds from Research In Motion have a built-in hard wipe function. Commercial hard-wipe products are available to other mobile device users.