1 in 3 repair shops snoop on devices sent in for fixing
12 devices out of 40 snooped on, according to a Talking Point investigation.
Sending your device in for repairs? 1 in 3 technicians snoop on customers' private files, says a new investigation of repair shops in Singapore.
This alarming data was uncovered by the programme Talking Point, which sent in rigged devices to shops.
Too curious for good
What happens when you send in your laptop or smartphone for repairs? Talking Point worked with NUS interest group Greyhats of NUS to find out.
- Devices loaded with plausible-looking data.
- Wi-Fi driver on Windows is then deleted.
- Fixing it is relatively straightforward.
No access to personal documents is required to fix the issue. But after sending them to 40 different shops for repairs, 12 of them - 3 phones and 9 laptops - were snooped on.
I know what you did last... repair
This was established thanks to a screen recording programme developed by Greyhats.
Some actions:
- Access to photo albums, My Files application.
- Access to accounts: Snapchat, OnlyFans, Gmail.
- Copying of photos and docs to external USB drive.
One technician even attempted to clone the entire storage drive, which creates a wholesale copy of everything.
Another case
This isn't the first such incident. Last year, a phone repairman accessed the messages of a man whose smartphone was sent in for a screen replacement.
After finding intimate photos of his fiancée, the repairman forwarded 40 of them to his personal phone.
He was arrested and eventually jailed when the owner found the new chat window containing the forwarded photos.
What to do
According to Talking Point:
- Accessing photos, personal files a grey area legally.
- No universal standard for data handling in repair shops.
However, it becomes theft when technicians download, extract or retain personal information without the customer’s knowledge.
What should users do? I'll probably write another post about it, but for a start:
- Don't give away your password.
- Protect your data with full disk encryption.
Have you sent in a device for repairs recently?
Check out the episode here.
