Google’s Android factory reset is flawed, your data is recoverable

When you decide to ditch an old phone and upgrade to something new and better, the first thing you’ll do on Android is perform a factory resent to make sure that all of your data is wiped clean. Well, researchers at Cambridge University have uncovered something that’s both shocking and unexpected.

According to a report, the Android factory reset option is flawed and it has been since a long time. The feature doesn’t really work as it’s supposed to as a good deal of data somehow manages to remain even after a complete wipe. And owing to this, personal data can be extracted and used for malicious purposes.

Ars Technica states that the researchers got hold of 21 Android smartphones running version 2.3 to 4.3 and their findings revealed that all devices weren’t wiped clean with data still accessible. By this we mean images, contacts, videos, SMS and more, even content from apps like Facebook and WhatsApp.

Android Factory Reset

What’s even more shocking is that data was recoverable even if full-disk encryption was turned on. And to make matters worse, researchers managed to recover a master token and restore the credential file which basically opens access to Google user data.

This isn’t the first time we’ve heard of this issue. We ran a similar story last year where security company Avast got hold of 20 different Android phones off eBay and managed to recover loads of content even after they were wiped clean.

Also read: Native fingerprint recognition and a lot more coming to Android M

You’d thing that Google would have fixed the issue by now, but there’s a good possibility that even Lollipop powered devices are affected. This however, is yet to be clarified as the above researchers only conducted the tests on devices running version 4.3 and below.

Now that the issue is out in the open, we’ll probably see Google do something about it or even clarify if the factory reset flaw is present in the new versions of Android.