Tesco's Hudl tablet was at the heart of an investigation which found that using the factory reset option does not get rid of sensitive data.
The BBC worked with security experts to examine the Android operating system's data deleting system, and found that Tesco's budget Hudl had a flaw which could potentially let hackers access data such as photos and messages even if it was thought to be deleted.
The investigations were carried out on second-hand devices bought on eBay. The Hudl was found to be the most vulnerable device because of a known bug that lies in the processor.
Using a free software, the BBC investigator was able to access data in minutes and extract pin codes to unlock devices.
CBR reached out to Tesco for comment, and got a standard reply of: "Customers should always ensure all personal information is removed prior to giving away or selling any mobile device. To guarantee this, customers should use a data wipe program."
Sven Boddington, VP Global Marketing at Teleplan, said: "To say its worrying to find tablet devices are being sold with data still on them is an understatement. This is not the first instance, we're constantly seeing this kind of story in the news. As consumers, we are becoming increasingly reliant on our mobile devices, from basic communications, social media, to mobile banking and payment transactions, and therefore the data they carry is more and more sensitive.
Tesco said that any tablets returned to the store will have all data wiped. The superstore also recommended visiting the getsafeonline.org website to learn about how to keep data safe.