What a dumb mistake.
According to the article this applies to Android from version 2.3 all the way up to version 4.3 which is the highest they've tested. . . but I wonder if they tested Android 5.0 Lollipop, if they'd find the same thing? If they'd found such a huge flaw in the older versions and fixed it, they are bound by law to have reported this flaw in the older versions, and they have NOT. I suspect they did not find and fix it in 5.0.
However you look at it, there are according to them at least 630 million devices at risk! Android 4.4 Kitkat is at about 40% adoption and 5.0 Lollipop is around 4%. . . so over 50% of Android users are for certain vulnerable.
I am pinging the Apple users to this article. . . a lot of them do use Android devices and need to know they need to find a secure method to wipe the data off their devices before they dispose of them. I suggest you ping the Windows/Microsoft people as well for the same reason. ShadowAce, ditto for you to catch the Linux users.
Now that this is known—and apparently it is fairly easy to get the data off of a factory reset phone or tablet—you just know the hackers and criminals will be mining the phones for the gems and gold that will pay off big time.