An estimated 630 million phones fail to purge contacts, e-mails, images, and more.

In the first comprehensive study of the effectiveness of the Android feature, Cambridge University researchers found that they were able to recover data on a wide range of devices that had run factory reset. The function, which is built into Google’s Android mobile operating system, is considered a crucial means for wiping confidential data off of devices before they’re sold, recycled, or otherwise retired. The study found that data could be recovered even when users turned on full-disk encryption.

Source: Flawed Android factory reset leaves crypto and login keys ripe for picking | Ars Technica