More than one million Apple Unique Device Identifiers (UDIDs), which were allegedly obtained from an FBI breach, have been leaked by hacking group AntiSec.
The Anonymous hackers claim to have obtained information about more than 12 million Apple iOS devices from the FBI, including UDIDs, usernames, phone numbers, addresses and other personal information.
A statement issued by the AntiSec reads:
“During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of ”NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. No other file on the same folder makes mention about this list or its purpose.”
AntiSec’s aim in publishing the information is to suggest that the FBI has been using the information to track citizens. The NCFTA acronym referenced in the file name could refer to National Cyber-Forensics & Training Alliance, according to reports.
“We never liked the concept of UDIDs since the beginning indeed,” wrote AntiSec. “Really bad decision from Apple. Fishy thingie.”
However, the hackers have refused to provide journalists with any further information until a photo of Gawker staff writer Adrian Chen wearing a tutu and a show on his head is featured on the front page of the website.
The Next Web has created a UDID checker to allow iOS users to determine whether their device was one of the million leaked by AntiSec.