SOS – Stolen hardware

In brief

A number of measures have been defined to diminish the risks relating to this type of problem. If a device is not returned, it is recommended to perform the following steps:

  • Step 1: If the device has access to your accounts (email, social media), please remove this authentication from all your accounts. All you have to do is log in to your accounts online and change the authentications.
  • Step 2: Change the passwords for all the accounts that can be accessed by the device.
  • Step 3: Activate dual authentication for the accounts that can be accessed by the device. Please note that all accounts should have dual authentication.
  • Step 4: If you installed a tool capable of deleting data and the history, use it.

What should you do if a device is returned?

If the owner can retrieve their device, they should treat it as untrustworthy and even compromised, as they cannot know who has had access to it. If you suspect any kind of malicious installation, it is important to reinstall the software or even migrate all the data to a new device. The First Aid kit describes several measures that should be taken if the device is returned after a certain amount of time: http://www.circl.lu/pub/dfak/DevicesSeized/.

Prevention remains key to lessen the risks when a device is lost, stolen or seized. Simple actions are recommended to protect data, such as encryption, passwords, locking with a PIN code for telephone, tools that enable data to be deleted remotely, the installation of theft alarm software.

Please read through the full article on the CIRCL website.