The BlackBerry had been put up for sale on the auction site by a
former vice president for mergers and acquisitions with Morgan
Stanley.
The unnamed seller told Wired News, "It didn't even occur to me
that it would have this stuff still on there because it had been
lying around for a long time without a battery in it". He added,
"Had I known there was anything on it, I wouldn't have sold
it."
In fact the pager contained over 200 confidential internal
e-mails, and details of Morgan Stanley employees, including their
names, e-mail addresses and phone numbers.
The case is the latest example of a lax attitude to the security
of pagers, PDAs and other portable devices within the business
sphere.
In July this year, a PDA usage survey commissioned by Pointsec
Mobile Technologies and conducted by Infosecurity Europe and
Computer Weekly reported that PDA owners commonly download the
entire contents of their personal and business lives onto their
handheld computers – without protecting it with encryption or
passwords.
Over 40% of people surveyed had lost a mobile phone and one
quarter had lost a laptop or PDA or both and just 2% insured the
information held on PDAs.
Pointsec reported that 73% of companies did not have a specific
security policy for mobile devices, and blamed this lax approach of
companies for the "who cares" attitude of users.
The advice in the report is to start taking security precautions
– including the encrypting of data held on PDAs.
