Field notes from the bench.
Plain-English explainers from the team building Black Box. Every incident in this blog is cited. We cover phone and laptop repair shop privacy, forensic logging, USB exfiltration, hash chains, and Indian data-protection compliance.
Phone and laptop repair shop privacy breaches: every documented incident from 2021 to 2025
A working catalogue of real, sourced incidents where phone and laptop repair shops snooped, copied, or leaked customer data. Apple, Geek Squad, Trivandrum, Kolkata, Singapore, Guelph and more.
All articles.
New essays drop monthly. Each one is researched, sourced where applicable, and reviewed by our security team before publication.
Apple paid 90 million dollars after iPhone repair technicians leaked a customer's photos
The 2016 Pegatron incident and the 2021 settlement: how an iPhone repair pipeline failed, and what the case still teaches in 2026 about repair shop privacy.
The University of Guelph study: half of computer repair stores snoop on customers
How researchers at the University of Guelph proved (with tagged decoy files and battery-replacement requests) that roughly 50 percent of repair shops snoop on the customer files they have no reason to open.
The Kolkata phone repair shop video leak (September 2025): what happened, and why it keeps happening
A Kolkata woman accused her local phone repair shop of leaking her private videos. The viral post triggered nationwide outrage. Here is the documented story and the structural pattern behind it.
The Kerala phone repair photo leak (Trivandrum, 2025): what the case tells us about regional repair shop privacy
A widely shared Reddit post described how a friend's personal photos surfaced online days after a phone repair in Trivandrum. Here is the case, the regional pattern, and the practical defence.
The Singapore CNA Insider investigation: how phone and laptop repair shops snoop and copy your data
Channel News Asia ran a 2024 Insider investigation into Singapore phone and laptop repair shops with consent and tagged decoy devices. Here is what they found, shop by shop, and what it implies.
How to protect your phone or laptop before sending it for repair: the 2026 checklist
A 12-step pre-repair checklist for phones and Windows laptops, grounded in real incidents from Apple/Pegatron to Kolkata 2025. Backups, encryption, account hygiene, and forensic recording, in the right order.
DPDP Act 2023, explained for Indian businesses (and what auditors actually look for)
A practical, founder-friendly walkthrough of India's Digital Personal Data Protection Act 2023: what changed, what auditors test for, and why audit trails are the easiest mistake to fix.
USB data theft: how 60 seconds and a thumb drive can copy your entire device
USB exfiltration is the most underrated threat in any unsupervised-device scenario. How it actually works, why standard antivirus misses it, and what kernel-level monitoring can do.
Hash chains, explained for non-cryptographers
What a hash chain is, why it makes a log file tamper-evident, and what it does not do. A short, no-math explainer for product, security, and ops teams.
Forensic logging vs activity monitoring: what is actually admissible in court
Activity monitoring tells you what happened. Forensic logging produces evidence. The difference matters when it stops being a security question and starts being a legal one.
The Marks & Spencer breach explained: how attackers used a third-party IT help desk to take down a £300M retailer
A detailed walkthrough of the April 2025 Marks & Spencer cyberattack — how social engineering against TCS help desk staff bypassed M&S's defences, and what tamper-evident session logging would have changed.
Insider wrongdoing at Tesla: how two former employees walked out with 100 gigabytes of confidential data
The 2023 Tesla insider breach exposed 75,735 employee records and showed how easily a departing employee can exfiltrate years of internal data without triggering a single alert. What happened, why endpoint security alone cannot catch it, and what session-level forensics would have shown.
Why every enterprise device handover should produce evidence: the case for forensic logging in IT service workflows
Enterprises hand devices to internal IT, third-party contractors, and external repair vendors thousands of times a year. Most leave no forensic record. We explain why this is a compliance gap under DPDP, GDPR, and HIPAA — and how a tamper-evident handover log changes both legal posture and incident response.