Today, hackers at AntiSec claimed that they had got their hands on a database containing around 12 million UDID numbers from iPads and iPhones from an FBI employee-owned computer.
Antisec explains how it obtained the data from an FBI agent’s laptop:
“During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of “NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zip codes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incomplete on many parts. No other file on the same folder makes mention about this list or its purpose.”
The file contained a list of more than 12 million Apple iOS devices, including Unique Device Identifiers (UDID), user names, names of devices, types of devices, Apple Push Notification Service tokens, ZIP codes, cellphone numbers, and addresses.
A FBI spokesman responded to the alleged hack:
“The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed. At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”
The hackers said they released the Apple UDIDs so that people would know that the FBI may be tracking their devices and also because, they wrote in their online post; “we think it’s the right moment to release this knowing that Apple is looking for alternatives for those UDID currently … but well, in this case it’s too late for those concerned owners on the list.”
If you would like to see if your device is on the list, click here to view the 1 million UDID’s that were released to the public by AntiSec.
Do you believe that the FBI had this information?
If so, why would the FBI be tracking 12 million iOS users? If you don’t believe that the FBI possessed this data, then you should ask yourself; “Where did this data come from”?