Security researchers at Avast, a security software developer, found that data from a smart phone can remain on the device even after a factory reset. This includes information such as photos, videos and sometimes contacts.

This was discovered after the company purchased a number of phones that were assumed to be “wiped,” or cleared of any data from the previous user. What they found instead was over 40,000 photos, 750 emails and texts, and the names and addresses of 250 people.

The fear, according to Avast, is the possibility of secondhand retail markets allowing users to sell phones that still have their personal data on them to strangers. Instead of actually wiping the data itself from the phone, operating systems delete the data linking those files to the rest of the OS. With the proper tools, recovering this information is relatively simple and the data will remain there until new information is written over it.

Avast and other security software manufacturers are attempting to help solve the problem by developing software that sets itself between the user and the phone, usually through a standalone application.