Cookies on Pinsent Masons website

This website uses cookies to allow us to see how the site is used. The cookies cannot identify you. If you continue to use this site we will assume that you are happy with this

If you want to use the sites without cookies or would like to know more, you can do that here.

BlackBerry for sale, corporate data included

A US computer consultant got more than just a BlackBerry PDA when he spent $15.50 on eBay. According to a report on Wired News, the BlackBerry device contained confidential addresses, phone numbers and e-mails relating to the previous owner's employer – Morgan Stanley.27 Aug 2003

The BlackBerry had been put up for sale on the auction site by a former vice president for mergers and acquisitions with Morgan Stanley.

The unnamed seller told Wired News, "It didn't even occur to me that it would have this stuff still on there because it had been lying around for a long time without a battery in it". He added, "Had I known there was anything on it, I wouldn't have sold it."

In fact the pager contained over 200 confidential internal e-mails, and details of Morgan Stanley employees, including their names, e-mail addresses and phone numbers.

The case is the latest example of a lax attitude to the security of pagers, PDAs and other portable devices within the business sphere.

In July this year, a PDA usage survey commissioned by Pointsec Mobile Technologies and conducted by Infosecurity Europe and Computer Weekly reported that PDA owners commonly download the entire contents of their personal and business lives onto their handheld computers – without protecting it with encryption or passwords.

Over 40% of people surveyed had lost a mobile phone and one quarter had lost a laptop or PDA or both and just 2% insured the information held on PDAs.

Pointsec reported that 73% of companies did not have a specific security policy for mobile devices, and blamed this lax approach of companies for the "who cares" attitude of users.

The advice in the report is to start taking security precautions – including the encrypting of data held on PDAs.