I recently bought a cordless phone handset on eBay that interoperates with a multi-handset base that I already have. It was advertised as used, but in good working order. It arrived intact in the mail, about eleven days after I had paid for it. It was shipped without the battery installed, about as I would expect.

Here’s the interesting thing. Despite being shipped without a battery, after charging, it showed that it had about ninety calls stored in it’s Caller ID memory. The last one recorded was from about November 1st, presumably about the time the handset was taken offline, and conceivably, when the battery was removed.

While I don’t think this particular information represents a dramatic leak of someone’s personal information, it does stand as a good reminder of the various ways to inadvertently compromise your own privacy with the devices you might be selling.

We’ve heard plenty of stories of hard drives, laptops, even full PC’s being resold over the internet loaded with personal data about someone. The story I tell you now, however, should be a reminder to consider everything a potential risk, that needs serious thought before you allow it to leave your personal sphere of influence.

About the Author Michael Santarcangelo

The founder of Security Catalyst, Michael develops exceptional leaders and powerful communicators with the security mindset for success.

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Don't know where to start?

Check out Security Catalyst Office Hours to meet your peers and celebrate the good, help each other, and figure out your best next step. We meet each Friday… and it’s free to attend.