A Samsung Galaxy Z Flip7 billed as a refurb turned out to be a store demo unit still enrolled in Verizon's device management system. Two weeks later, that system erased the customer's data, and seven weeks of escalation got him a $400 credit and silence.
When Tom Collery called Verizon in February 2026 about dropped calls and network problems on his personal phone, the carrier's answer was a replacement Samsung Galaxy Z Flip7, sold to him as refurbished. Two weeks later, that replacement did something no consumer phone is supposed to do: it reset itself, remotely, and took every file, photo, and account on it with it.
The Z Flip7 Collery received was not, in fact, a properly refurbished consumer device. It was a store demo unit, still enrolled in the mobile device management (MDM) software that Verizon and other carriers use to track, lock, and reset the company-controlled phones on display in their retail stores. The mechanism that lets a store manager wipe a demo at the end of the night is the same mechanism that, weeks later, erased a customer's life from his replacement phone, according to Ars Technica's reporting on the incident.
That reporting, built on Collery's account — which includes his statement that he has been a Verizon customer for 22 years — walks through a sequence the public telecom industry has no real way to audit. A device leaves Verizon's retail fleet without being de-enrolled from MDM. It is treated as a "refurb." It ships to a paying customer. Weeks pass. Then the carrier's management tooling, which was never told this device was no longer a demo, does what it is designed to do, and a customer's data is gone.
For Collery, the wipe erased personal photos, contacts, app data, and whatever else lived on a phone he had been using as his primary device. He had already escalated inside Verizon before the reset, complaining that the device was misbehaving, that the network issues had not gone away, and that the phone was acting like it belonged to someone else. After the wipe, he pushed for a real explanation. The answer, repeatedly, was that the executive team had "made a bunch of promises" to investigate, but as he reached the highest escalation tier, he told Ars Technica he "just got shut down."
Between Ars's first contact with Verizon and publication, seven weeks passed. The carrier did not disclose which MDM platform was on the device, how a demo unit escaped the refurbishment process, or what concrete remediation steps it was taking beyond Collery's individual case. The only on-the-record statement Verizon provided was: "We are aware of this customer's concern and are actively and directly working with him to address it." That sentence, Ars Technica noted, is the entirety of the carrier's public answer to a specific, named, mechanism-level failure.
The partial remedy that did arrive: a $400 account credit, a different refurbished phone without MDM installed, and permission to keep the wiped device as evidence. None of that addresses the underlying question Collery asked, which is how a store demo unit ended up on his network in the first place, and what step in the carrier's process was supposed to catch that and didn't.
That question sits in a regulatory and commercial gap worth naming. "Refurbished," as a term carriers apply to devices they resell or loan to customers, has no public, auditable chain of custody. There is no equivalent of a vehicle's title history, no published checklist a customer can verify, and no disclosure obligation when a phone is being prepared for a paying customer that says which fleet it came from, which management profiles were on it, and what deprovisioning steps were performed. Carriers treat device preparation as an internal operations matter, and customers are asked to take the "refurbished" label on faith.
MDM sits at the center of why that label, in cases like this, is doing real work the customer cannot see. The same systems that let a retail manager lock a display unit to a single app, push a settings change, or wipe the device after hours are designed to be authoritative. They do not need the device owner's permission to act, because the owner of the device, from the MDM provider's point of view, is the carrier, not the person holding the phone. When a device moves from that fleet to a customer's pocket without being de-enrolled, the customer inherits a phone whose deepest management plane still points at the carrier, with no UI, no warning, and no opt-out. The customer's data is just a setting the carrier has not yet toggled.
This is not the only path by which an MDM-bearing device could reach a consumer. Returned loaners, corporate trade-ins that were never properly un-enrolled, test units circulated by reps, and refurbished devices sourced from third parties all share the same risk vector. The risk has a name in enterprise IT: an unprovisioned device leaving a managed fleet is a known data-handling failure, and the standard remedy is documented deprovisioning, not a customer credit. The same standard does not appear to apply when the fleet belongs to a carrier and the device is being handed to a consumer.
For Collery, the path forward is now legal, not technical. He is considering action, and the device itself, the wiped Galaxy Z Flip7, sits in his possession as the only physical artifact of what his account describes. The carrier's investigation, to the extent one is happening, is private. The MDM vendor has not been named, has not commented, and has not been asked publicly, by the carrier or anyone else, what its deprovisioning protocol is supposed to look like for a demo unit being reclassified as customer-ready.
The watch items from here are concrete. Did Verizon change its refurbishment process, and is that change auditable. Which MDM platform was on the device, and what does that vendor's documented de-enrollment procedure look like. Whether any regulator, at the FCC, FTC, or state attorney general level, treats a carrier-supplied device that erases a customer's data through the carrier's own management tooling as a consumer protection matter or a contract dispute. And whether Collery, or any customer in a similar case, ever gets a written explanation that names the mechanism, the failure point, and the specific remediation.
Until then, "refurbished" from a major carrier remains a label, not a guarantee. The only public evidence of what it actually covered in Collery's case is a $400 credit and a phone with no data on it.