3

As the title stated. My friend personal email is connected to her personal phone. She works on the iPad and her work iPad is connected to her work email. She never checked her personal email on her work iPad. She completely separated work device and personal device. However, after she was let go she found out all her work contacts were deleted. Is it possible someone hacked to her phone and delete all her work contacts?

What can she do to find out if her employer have breached her phone and how should she go about this situation?

techraf
  • 9,141
  • 11
  • 44
  • 62
spaceDog
  • 151
  • 3
  • 17
    They simply revoked her access which removed the contact sync, of course it depends on the application but if it's Exchange (or similar), they can completely revoke all work data (names, numbers, emails, etc.). They have the right to do this, but no. They did not hack her phone. – Signus Jun 28 '16 at 20:11
  • Thanks for responding, but she never installed any software on her personal phone nor she connected to her work device using her personal phone. She manually entered each contacts herself. How it is someone with no access to a device is able to delete her contacts? – spaceDog Jun 28 '16 at 20:32
  • @spaceDog she never connected her work email to her phone? – hopkins-matt Jun 28 '16 at 20:33
  • 2
    You said "She completely separated work device and personal device" but you forgot to mention she manually entered work contacts into her *personal* device. Even if she manually entered them, if it was on the same device she has her work email synced, those contacts are "duplicates" and can be deleted since they contain the same information. Please clarify. – Signus Jun 28 '16 at 20:35
  • 6
    You need to clarify if she is using iOS devices (iPad and iPhone) and the iCloud account is the same on each. If so, there is no real separation between devices even if she only "used" one for work and one for personal. – Jeff Meden Jun 28 '16 at 20:43
  • Sorry, for not being clear. She had two separated iCloud accounts for personal and work. She uses her personal email for her personal iCloud. However she does text her co-workers on her personal phone. But as for work, she had a work email that connects to work iCloud. So the personal and work account are separated. The work place never have a central sync system, so we don't know how her work contacts were deleted. And her work-contacts also uses their personal phones. Thanks for responding guys! – spaceDog Jun 28 '16 at 21:53
  • 1
    Did you ask the employer? – Neil Smithline Jun 28 '16 at 22:35
  • Did she use work Wi-Fi? – Neil Smithline Jun 28 '16 at 22:35
  • Hey Neil, yes she connected to work wifi. What do you think ? – spaceDog Jun 29 '16 at 00:09
  • As part of the process of setting up work wifi did she have to install an app provided by the workplace, and/or hand the phone over and let them set it up for her? Not necessarily suggesting they did anything nefarious, but they may as a matter of routine set up an Exchange Activesync account on her phone or something? – thomasrutter Jun 29 '16 at 00:24
  • She said, no one touched or helped her install any app for wifi. She connected like how we normally do it. Find the wifi name and enter password. Though, it is a company wifi. – spaceDog Jun 29 '16 at 00:58
  • Anyone thought of Mobile Iron (or something similar)? This could send a remote wipe command specifically for work related mobile applications. – Jeroen Jun 29 '16 at 05:50
  • @Jeroen-ITNerdbox This requires installation of a profile (and sometimes agent) on the device which OP says did not happen. – DKNUCKLES Jun 29 '16 at 13:41
  • Thanks guys!!! Is it possible to check if anyone have gained access to the phone? – spaceDog Jun 29 '16 at 14:42
  • Has your friend looked in the iCloud deleted content section to try to reverse the deletion? If they were properly entered and saved on a device using her personal icloud account, even if someone "hacked" it she would still be able to recover the contacts. – Jeff Meden Jun 29 '16 at 16:22

2 Answers2

4

Well then, to try and fully answer your questions:

Is it possible someone hacked to her phone and delete all her work contacts?

I will say this with a resounding no. It's theoretically possible for them to hack into the device, but while not only highly unlikely it is also impractical for anybody to remove just her work contacts.

  1. The company has no reason: These are just names and numbers and do not violate any non-disclosure agreement I've ever heard of. They would have no reason to hack into a device just to remove contacts. See my explanation below for this.
  2. No other person has any reason: What would any other person outside of the company gain from deleting those specific contacts? Nothing I can think of.

The most likely scenarios are:

  • These contacts were revoked because her phone (personal or work) were synced to Exchange/ActiveSync, or some other method that the company had control over that would allow them to revoke this information. It was mentioned that she used Wi-Fi to connect the devices
    • PEAP and RADIUS are a common authentication/authorization protocols used on WPA2 Enterprise networks that can install profile information on certain types of devices, by signing in you agree to certain terms and conditions that may involve the ability to remove information from your device. This they are legally allowed to do because it allows them the ability to control whether or not an employee steals/leaks information.
  • As mentioned by user Jeff Medden, it is possible contact information was synced across an iCloud account (if it was an iOS device), whether your friend knew it or not. People often run into this without understanding the boundaries of what iCloud can control (which is a LOT).
  • Negligence. This could mean she entered them in and thought she saved them, but didn't. It could also mean she intended to have them sync to iCloud, Google, etc. and it didn't (I've personally done that one).

There's not much else to throw at that one. I'll just tell you that people make mistakes and your friend may have made one without realizing it. Jumping to the conclusion that a company hacked her is a little farfetched.

What can she do to find out if her employer have breached her phone?

Let's say the company really did breach her phone then yes, there are ways to find out.

However, they're probably beyond your means or ability to do so. Even having a specialist look at the device will probably yield no results.

How should she go about this situation?

She doesn't, and really, she can't.

If they hacked you (which I laughably doubt), you have to be able to prove it and prove that it was not legally within their means to do so.

I would just tell you that if you want these contacts to try and reach out to these people via LinkedIn or whatever means you have and leave your paranoid ideas at the door.

Signus
  • 260
  • 1
  • 10
  • Phrasing in "*there's almost no way to find out (depending on the device)*" is contradictory, it reads rather like "there are ways to find out" – techraf Jun 30 '16 at 04:38
  • Almost no way indicates there are methods to do so, if the phrasing is weird to read I can certainly change the wording. There are ways, technically, but they're beyond most people's technical capabilities. Thanks for the edits though @techraf! – Signus Jun 30 '16 at 15:06
  • @techraf I would agree with Signus, that the phrase does make sense and isn't contradicting itself. There is almost no way to find out is pretty accurate, because you will most likely never find anything. The stars would have to align just right, and pigs would start to fly, before you were lucky enough to see who hacked into your phone. – dakre18 Jun 30 '16 at 21:03
  • @Signus thank you for your explanation! I would like to know more about online security. Can you tell me where to start? Thanks – spaceDog Jul 01 '16 at 04:45
  • @spaceDog That's a rough one - I would take a look at http://security.stackexchange.com/questions/266/resources-to-learn-about-security for some ideas. Security is a very broad field, which is why I have a job ^_^ – Signus Jul 01 '16 at 05:22
0

It's likely her former employer deactivated her work account. If her contacts were saved/associated with the work email, then they would have been lost in the process.

jdp
  • 17
  • 1
  • 4
    @Jedi In fairness its really the only plausible explanation despite what OP is reporting about the situation. Why an employer would bother to "hack" a former employees personal icloud account to delete work related email contacts is baffling, as well as the means to do it (unless they somehow recorded her personal icloud password while she was using a work device) – Jeff Meden Jun 29 '16 at 16:18
  • got it! thank you guys for the answer. I really appreciate you guys took the time to answer my question. <3 – spaceDog Jun 29 '16 at 21:07