Apple’s Unique Device Identifiers hacked and leaked from FBI Breach - Apple started rejecting applications that used Unique Device Identifiers (UDIDs) due to some privacy concerns and security reasons. They did this as a number of apps were misusing this information.
These concerns are now a lot more serious as a hacking group called “AntiSec” announced that they had acquired more than 12 million UDIDs from an FBI laptop. They also said that they have released a million of those UDIDs public just to show the world that they were not joking around.
This is what Hacker News had to say:
“During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of ”NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose.”
The hackers said that they had deleted most of the personal information but had left just enough so that users could see if their Device ID was listed or not. Macrumors has confirmed these device IDs are real.
Should Apple users be worried about this? Maybe not, but what is curious is the fact that what exactly was the FBI planning to do with over 12 million device IDs?
The UDIDs themselves are harmless, however if linked with social media services, they can be trouble.
The hackers also stated:
“We never liked the concept of UDIDs since the beginning indeed. Really bad decision from Apple. fishy thingie”
It will be interesting what Apple and the FBI have to say about this. Feel free to comment!