|This is a second post from guest blogger Amy Stewart, Manager of Social Media Strategy for Intouch Solutions & author of great Kansas City-focused blog at beyondtheplazalights.com. Amy also tweets at @amylynnstewart, so be sure to check out her blog & twitter account. Thanks to Amy for sharing her great story!|
Yesterday, I told the story of how Google+ aided my detective work that led to the recovery of my lost/stolen cell phone. Today, I’ll discuss the major security flaws I uncovered about Android phones and Sprint service in the process.
Long story short
To catch you up, I reported my cell phone lost to Sprint, ordered and re-activated a new one, yet my lost/stolen phone was still connected to my accounts as evidenced by the photos Yellow Cab Driver #957 was taking that were automatically uploading to my Google+ account. Here’s another photo that I didn’t include yesterday. . .
Sprint says they fixed the problem
The first question I had was “Why were all of my accounts still connected to my lost/stolen phone even after I had activated my new one?” That’s a question that I still can’t figure out. I called Sprint about the situation on Friday, August 5 when I realized that several photos had been uploaded that weren’t mine and I didn’t get a straight answer.
On the call, the Sprint customer service rep said he deactivated service on both phones (old and new) and reactivate my new phone. He told me that would fix the problem. However, it didn’t.
The problem was bigger than I thought
Sprint deactivated the phone service, but the internet based features and apps still worked anywhere there was Wi-Fi. I even tested it when the old phone was returned and sure enough. . .the test picture I took on the “deactivated” phone uploaded to Google+ in a matter of seconds.
Fortunately, I have my phone back, but I find it very eye-opening that Sprint never actually deactivated my phone. Mr. #957 had access to:
- Multiple email accounts
- All of my contacts
- Photos of me and my friends
- My calendar
- All of my social networks
Basically, my entire life. . .for 16 days.
Option 1: Download an Android remote wipe app on your phone. I had no idea this was possible or necessary until Sprint, my service provider, didn’t wipe my phone completely after I reported it lost.
Option 2: Buy an iPhone. Apple offers a service called MobileMe allowing users to save all of their data in one location, locate their phone, and wipe it clean if it’s lost or stolen.
- Lock your phone – Mr. #957 would have never had access to any of my information had the home screen locked.
- Download a remote wipe app on your Android – I thought my old phone would be deactivated the minute I reported it lost. I then thought it was deactivated after I called customer service and was told that it was. I would have never known any different had I not gotten my phone back. At this point, I feel this is the only way to truly protect yourself.
- If you think your cab driver stole something you left in his cab, he probably did, but there’s a better chance of him returning it if he can’t get into it in the first place. So lock your phone and download the remote wipe app!
|Thanks again, Amy, for sharing your story and suggestions! Hopefully your experiences will help someone else avoid having a thief gain access to personal information on their mobile phone.If you have a similar story about how social media helped locate something lost or suggestions on how to secure the information stored on a mobile device, we’d love to hear your experience in a comment!|