UPDATE: Antisec Hackers Steal and Release 1 Million Apple UDIDs

The hacker group Antisec has reared its ugly head once more, this time lifting over 1 million unique UDIDs (Unique Device Identifier) from an FBI laptop.

Antisec posted a lengthy brag to Pastebin, which is the preferred site for hackers and hacktivist groups such as Lulzsec and Anonymous when posting about files and systems they have hacked. Along with 1 million and 1 UDIDs, the group issued a typically boastful statement explaining how and why it obtained the information, and from where.

Every Apple mobile device has a unique identifier, which each user can find through iTunes. It’s this ID that links an iPhone or iPad to an Apple account, and allows the user to connect to the App Store and download apps. Over 1 million of these were lifted from the laptop of an FBI agent, and posted as a free download for anybody who wants to snoop. In the wrong hands, a UDID can be linked to a particular device and further information.

Antisec claims that it ‘trimmed out’ most of the sensitive information but has left some in, such as postal or zip codes, to help people to check if their data is in the package. It also claims that the original file that it lifted from the laptop contained over 12 million UDIDs, but it chose to only release 1 million.

A section from the somewhat lengthy and rambling post reads;

During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of “NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. No other file on the same folder makes mention about this list or its purpose.

While many will be alarmed by the possibility of their data floating around online, many have turned to asking just why the FBI has over 12 million Apple device IDs on record. Questions have been asked about whether the data was obtained as part of a raid on a developer, and whether the FBI is tracking a large portion of Apple customers for whatever reason.

**UPDATE**

Unsurprisingly, the FBI has been quick to deny involvement in this whole fiasco. AllThingsD reported earlier today that they denied having ownership of 12 million Apple UDIDs:

“The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed. At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”

The FBI’s Press Office Twitter account also tweeted to deny Antisec’s claims:

“Statement soon on reports that one of our laptops with personal info was hacked. We never had info in question. Bottom Line: TOTALLY FALSE”

Let us know your thoughts on our comments below or via our @Gadget_Helpline Twitter page or Official Facebook group.

Via: 9to5mac