Smartphone screen help up with lights reflecting on it

Police Auctioned Mobile Devices – Complete with Illegal Data!

ByMike McBride Reading Time: 2 minutes

Thanks to Brian Krebs, this week I learned that this scenario exists:

Imagine, if you will an identity thief caught in the act by law enforcement. As part of the evidence collection, they find a mobile device with a whole bunch of stolen credit cards, driver’s licenses, and other data that was in the process of being used by said thief, to steal the identities of dozens of people.

That evidence sits in the property room until such a time as the law says it’s safe for the law enforcement agency to get rid of it, at which time the device is put up for auction.

You would think that before auctioning off these devices with illegally-gotten and dangerous information on them, the various agencies would have wiped them clean, no?

According to the University of Maryland, you’d be completely wrong.

Also, the researchers found that many of the phones clearly had personal information on them regarding previous or intended targets of crime: A dozen of the phones had photographs of government-issued IDs. Three of those were on phones that apparently belonged to sex workers; their phones contained communications with clients.

One phone had full credit files for eight different people on it. On another device they found a screenshot including 11 stolen credit cards that were apparently purchased from an online carding shop. On yet another, the former owner had apparently been active in a Telegram group chat that sold tutorials on how to run identity theft scams.

The most interesting phone from the batches they bought at auction was one with a sticky note attached that included the device’s PIN and the notation “Gry Keyed,” no doubt a reference to the Graykey software that is often used by law enforcement agencies to brute-force a mobile device PIN.

Not only did they not wipe that phone, they didn’t even bother to remove the sticky note with the PIN from the back of it. That’s just the kind of laziness that causes many people to not trust law enforcement, isn’t it?

 

Similar Posts

  • What I’m Sharing (weekly)

    ByMike McBride Reading Time: 1 minute

    Morgan Stanley CEO: The economic case for addressing our mental health crisis Google Chrome to start blocking downloads served via HTTP Mobile Collection: It’s Not Just for iPhones Anymore Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion Snapchat Launches ‘Here For You’ Mental Health Resource for Users…

  • Facebook Download is Self Collection

    ByMike McBride Reading Time: 2 minutes

    Patrick DiDomenico does a great job of testing out Facebook’s “Download your Information” feature and testing exactly how useful it would be as a form of electronic discovery. He concludes: According to my test, the Facebook DYI feature gathers a user’s information as it appears in their Facebook account at the time of the initiation…

  • | |

    Linked – Streamlining the E-Discovery Process

    ByMike McBride Reading Time: 1 minute

    Monica makes a compelling case for more organizations to bring their eDiscovery work in house. Despite my place in an outside firm, I actually agree with much of what she has to say. “Monica Enand: It all comes down to three components: control, security and cost. First, having a system that the entire legal team…

  • Links (weekly)

    ByMike McBride Reading Time: 1 minute

    Data Mapping Doesn’t Have to be Complicated tags: LitSupport MM Does Sampling Case Set a ‘Dangerous Precedent’? tags: LitSupport MM Press Release: LexText Redactor for Word 2010 launched tags: LitSupport MM The Three Dangers of Landscape Photography tags: Photography MM A Good Decision Brings Out the Bullies tags: LitSupport MM Posted from Diigo. The rest…

  • Linked – AI and Mass Spying

    ByMike McBride Reading Time: 2 minutes

    Imagine, if you will, your smart TV or home assistant listening in on conversations you’ve been having about layoffs in your industry, and that data is shared with a financial institution that then decides that you’re not a good credit risk. The AI took that conversation and combined it with a ton of financial information from other people who work in your industry and made that call. Is it accurate? Probably not, but when you start grabbing data from all over the place and building these huge algorithmic models, things can get a little messy. You become less of an individual and more of a conglomeration of all the people who do things like you, and when you add in a little spying, that can lead to all sorts of disastrous consequences. 

    Do we want governments and corporations to have that much power? No, but as Bruce rightly points out, we haven’t done much of anything to stop them from taking it so far. 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)