Symantec study reveals 93% of people access data on lost smartphones

Jane McEntegart

July 15, 2014 12:53pm

For most of us, the prospect of losing our smartphone is pretty daunting. Your phone probably knows more of your secrets than any one person in your life. Private emails, entire galleries of images from friends and family, access to all of your online accounts (including social media, professional sites like LinkedIn, and maybe even your financial institution’s online banking service), it’s all there.

Thinking about that kind of information falling into the wrong hands is scary for a lot of people. But if you lost your phone, what’s the most likely scenario? Would it be returned? Would the person keep your phone but wipe all of your information? Would they post your Snapchat screen grabs for all to see?

Symantec Canada recently ran something of a sting operation to figure out what people generally do when they come across a homeless smartphone. First, the company “lost” 60 smartphones in Vancouver, Calgary, Toronto, Ottowa, Montreal and Halifax. Then it monitored the phones to see what people did with the them once they picked them up.

The good news is that if you lose your phone, there’s a slightly better than 50/50 chance the person will try to return it to you. Apparently, 55 percent of people attempted to return the phone to its rightful owner. The bad news is that even those kind souls are pretty nosy and will take a peek at your private data before they give your phone back. According to the Symantec, 93 percent of people accessed the devices and half looked at private photos. A total of 63 percent looked at corporate email and a little more than half (52 percent) opened the password file. Thirty-five percent accessed the bogus online banking application loaded on the lost phone.


The results of the study come hot on the heels of a report from Avast! that revealed many people selling their phones on eBay don’t do enough to wipe their personal data from the device before shipping it to the buyer. The company purchased 20 second-hand cell phones from users on eBay and discovered over 40,000 photos on the phones, including 1,500 pictures of children, 750 photos of women in various stages of undress and 250 dick pics. They also discovered the identity of four previous owners, and more than 750 emails and text messages.

The biggest mistake people make is thinking that deleting the data is enough. Similar to how deleted files can easily be recovered from a hard drive, someone can fairly easily retrieve files you have removed from your phone. The answer to the problem is overwriting the files, not just deleting them. This can be done fairly easily (there are numerous Android apps that do it) but not a lot of people know how or that it’s even necessary. Avast! (of course) has an app that can do it for you. It’s called Avast! Anti-Theft and it’s free on Google Play.



  • Tiboroasa

    if i found a blackberry phone that belonged to another person, i’m confident that person would want me to take it off their hands so they can get something better. lmao

    • HueHueHue


  • Josh Brown

    Actual story: “Symantec study reveals 100% of its business is built on fear mongering. ”

    • Acer12345

      “Symantec study reveals 93% of people access data on lost smartphones [and why you should buy their Norton Anti(haha)-virus for only $99.99 per day]”

    • Josh Brown

      Also funny.

  • HueHueHue

    Or, instead of installing lousy apps from fearmongering vendors, you can just encrypt your phone via the built-in-since-4.0 Android feature under Security/Privacy, and then wipe it.

  • 5Gs

    It’s funny these days media is going hard core regarding our privacy being breached. It’s been happening ever since. What do you think your birth certificate, sin #, driver license, credit cards etc etc been doing. They know your history more than you ever do. Your data has always been collected ever since. It’s just now people are realizing that Oh! my privacy. Get over it. Don’t be paranoid. You have been owned ever since you were given birth and you have been played/programmed since day one.

    Don’t be paranoid and enjoy your life instead.

    • WatDah

      This. If you have something to hide, don’t put/leave it on your phone. How dumb is it that people are screaming they want their privacy protected, and at the same time spoon feeding their privacy to the internet.

    • 5Gs

      Exactly. What happen to good old days of writing a diary and locking it in. Keep your private things private 😉

  • Matty

    What’s “the password file” and how do I open it? Makes it sound like all of your passwords are sitting in a plain text file somewhere on your device. Pretty sure that’s not the case!

  • Adderbox76

    Fear-mongering. Nothing more.

    If a person finds a lost phone and even accesses the address book in an attempt to identify and contact the owner, it counts as “data access”.

    Every major OS now has the ability to remotely wipe your device while leaving an electronic note on the home screen with your contact information. If you lose your phone and don’t do that, then tough.

  • Acer12345

    Next thing you know, you’ll need anti-virus software in your smart-fridge, smart-oven, smart-toaster, and smart-coffee maker.

  • ScooterinAB

    +1 for fearmongering. I get security. I understand that people want to be safe. But I don’t save banking passwords on my phone, nor use banking apps for this very reason. Yes, my e-mail is accessible, but that’s not a major concern for me because I don’t have industrial secrets saved in my e-mail account. If something happens, I change my password. Simple as that. I would rather data from my phone not be stolen, but again, there is no intellectual property nor secret information. I have no naked pictures of myself on my phone, nor would anyone want to see them. Any phones I have are probably random pictures from when I didn’t have my camera or from attending a comic show or something. It’s not like my phone has samples of my blood and lists of my fears.

  • Ocean

    Wow, I’m reading a lot of bitterness in the comments, which says a lot about the ignorance I come across daily in my job for a cell provider. Fact: most personal and/or confidential info is stored unprotected and not backed up on mobile devices. And theft of cell phones is a very popular franchise. Not even the national blacklist has stopped this, as theft rings simply ship devices overseas. (Although it is helping against “casual” theft.) Stealing your banking info or and/or identity theft often begins just with access to your email. It’s that easy. So, yeah, you could argue that Symantec is just pushing their product: it’s their business. But if you ignore their advice, you’re the tool, not them. It’s time to wake up. This isn’t 2003 with a flip phone anymore.

  • Nadefrenzy

    “dick pics”

    Did you actually write that? lol

    Oh and what on earth are you doing here, Jane? Weren’t you with Tom’s for years? So unfortunate that that community has faded.

    Anyway, welcome to Mobile Syrup.

  • yddtime

    Ridiculous study. How is a good Samaritan supposed to find the rightful owner of a phone without looking at the data? I found a phone in a parking lot once and looked through the contacts to find a home number. Called them and they got the phone back.