Protect private info on devices before repair service

Feb 4, 2015 15:11 GMT  ·  By

After taking her smartphone to RadioShack for repairs, a woman discovered that “extremely revealing, nude and nearly nude” pictures of herself had been sent to a number that was not in her contact list.

The phone had been brought in for replacing a broken display on November 16, 2014, but she found the leak on January 8, 2015, when deleting old photos from a tablet that was synchronized with the smartphone.

At least 17 private pictures were leaked

It appears that the RadioShack employee, Jose Robert Miranda, who has since been fired, did more than just fit another display to the phone, as he also scoured the data on the device. Upon finding compromising images of the client, he did not hesitate to share at least 17 of them.

24-year-old Miranda is now charged with stealing and copying computer data, according to SFGate news outlet, and he did not enter a plea when he appeared in court on Monday.

“Never in her wildest dreams would she have imagined that RadioShack would have done something like this,” said the woman’s attorney, Timothy Osborn.

When taking an electronic device that can store personal information to a repair shop, it is best to make sure that the data on it cannot be accessed. Similar incidents have been reported numerous times with computer systems, where the repairmen would turn into data thieves if adequate protection was not enforced.

Encrypting data on mobile devices

In the case of mobile phones and tablets, it is a good idea to block access by setting up a passcode or pattern that cannot be guessed easily. With computers, things are easier because one can encrypt the content stored on the hard drive; if possible, it wouldn’t hurt to take the system to service without the storage unit.

Android includes a data encryption feature that does not unlock the content unless the correct string of characters (PIN or password) is entered.

On iOS, setting up a passcode to access the phone’s functions also encrypts the data on it. Even if the PIN is only four numbers large, it would still require an attacker 10,000 tries to crack it. There is also the possibility to use alphanumeric codes; furthermore, there is the possibility to set a maximum limit of 10 fails before the information is deleted.