Skip to main content

Security company says your data can easily be recovered from 'wiped' Android phones

Security company says your data can easily be recovered from 'wiped' Android phones

Share this story

Software maker Avast is calling the security and thoroughness of Android's factory reset feature into serious doubt today. The company says it purchased 20 used Android smartphones online and set out to test whether personal user data could be recovered from them. Each phone had been reset prior to being sold, according to Avast, so in theory the test should have failed miserably. But that's not what happened.

Using widely available forensic software, Avast says it was able to successfully pull up over 40,000 photos previously stored on the phones. Many of those featured children, and others were sexual in nature with women in "various stages of undress" and hundreds of "male nude selfies." The company also managed to recover old Google search queries, emails, and texts. All told, Avast successfully identified four original phone owners using data that those people falsely assumed had been permanently deleted. Users must overwrite previous data to truly get rid of it, Avast says.

Is your data really gone after a reset?

We've reached out to Google for more details on Android's factory reset and whether it's designed to prevent this type of data recovery. For now, Avast's results should be taken with some skepticism. The company has every interest in pushing this story; it works in the business of security software, and claims its own tools are more effective than those provided by Google.

On the iOS side of things, Apple seems to go out of its way to thwart data recovery after an iPhone or iPad has been wiped. On newer hardware, the iOS reset feature removes the encryption key that protects a user's data. So even if data is somehow recovered without a user's knowledge, it's rendered inaccessible and essentially useless. With older iPhone and iPod touch models, Apple says it "overwrites user settings and information, writing a series of ones to the data partition." This step would similiarly prevent unauthorized recovery in most cases.