In a report that surprises no one, half of of small computer shops access customers’ private data, with some copying and saving it.
Small computer repair shops may be a common site, but a new report indicates customers should be wary before taking their computers to them. Researchers at University of Guelph in Ontario, Canada took laptops to 12 repair shops. The laptops were fully functional, except for a disabled audio driver. The researchers specifically chose that issue, since it is easy to diagnose and repair, and does not require access to personal files.
The researchers populated the computers with what appeared to be personal information, online accounts, a crypto wallet, and a variety of sexual and non-sexual pictures. The researchers also made it appear that half the computers belonged to men and half to women.
In 50% of cases, the researchers found that personal files were accessed by the repair shop, although unsurprisingly the computers that seemed to be belong to women were much more likely to have their data accessed. In at least two cases, one for a male customer and one for a female, data was copied and saved onto personal devices.
“We were blown away by the results,” Hassan Khan, one of the researchers, said in an interview with Ars Technica. The researchers were especially concerned with the data copying.
“We thought they would just look at [the data] at most,” Khan added.
With few if any real privacy safeguards in place, most customers would do well to take their computers to reputable large companies, at least until small shops get with the program, in terms of privacy.