A survey of London commuters suggests that 4.2m Britons store data on their mobiles that could be used in identity theft in the event they are stolen.
Only six in 10 use a password to limit entry into the phones, according to the survey by security firm Credant.
The survey found that 99% of people use their phones for business in some way, despite 26% of them being told not to.
Security experts say that password protection and, where possible, data encryption, is essential.
The advent of smartphones has seen the types of information that pass through handsets proliferate and it is now much more common to store sensitive information and work-related details on handsets.