Verizon shipped a Samsung Galaxy Z Flip7 to longtime customer Tom Collery, but the unit was a store demo still tagged with Mobile Device Management software. The MDM profile let the carrier remotely control the phone, and after two weeks the device reset itself, erasing all personal data. Collery discovered the issue when login attempts were blocked and a “Device owned by Verizon” notice appeared.

Verizon replied with an internal investigation but offered few details about how the demo phone bypassed its 150‑point inspection. The carrier credited Collery $400 and sent a second refurbished phone without an MDM profile, allowing him to keep the original device as evidence. Security researcher Cooper Quintin warned that the mishap suggests broader gaps in Verizon’s data‑wiping procedures for refurbished units.

The incident highlights the risk of carriers reselling demo hardware without proper sanitization, a practice that could expose customers to data loss and corporate surveillance. FCC filings confirm the phone was mistakenly classified as a demo, prompting calls for an external audit of Verizon’s refurbishment workflow. Consumers now face heightened scrutiny when accepting replacement devices from their provider.