AntiSec claims to have stolen 12 million Apple UDIDs from FBI

Yet another cyber attack has resulted in private information being released to the public, but this time the group claims they got the data from the notebook of an FBI agent. The group, AntiSec, says the information itself is a ton of Unique Device Identifiers (UDIDs) for Apple iOS products.

News.com reports that the AntiSec group posted one million of the UDIDs on the PasteBin website and claims to have retrieved over 12 million UDIDs from the notebook that was used by FBI Supervisor Special Agent Christopher K. Stangl. The group claims to have hacked into the agent's Dell Vostro notebook in March using a Java exploit.

AntiSec doesn't like the use of UDIDs on Apple products, claiming in its message, "We always thought it was a really bad idea. That hardware coded IDs for devices concept should be erradicated [sic] from any device on the market in the future."

Even though it posted one million Apple UDISs, AntiSec did remove more personal information from its public data dump, including the names, addresses and phones numbers associated with the devices. So far, the FBI has yet to comment about this apparent data breach from one of its notebooks.

Source: News.com
Hacker image via Shutterstock

Report a problem with article
Previous Story

Black Mesa's Xen chapter to be expanded into whole game

Next Story

HP makes the Windows 8 transition easier with tutorials

35 Comments

Commenting is disabled on this article.

Yeah...I agree R1ddl3r, why does the FBi have these - or at least why do they have 12m of them! -was my first thought too

Osiris said,
Yeah...I agree R1ddl3r, why does the FBi have these - or at least why do they have 12m of them! -was my first thought too

We could ask Apple, but they'll probably just ignore the question like they ignore 99.9% of every other query.

Jahooba said,

We could ask Apple, but they'll probably just ignore the question like they ignore 99.9% of every other query.

Well, at least their products are neat!

Jahooba said,

We could ask Apple, but they'll probably just ignore the question like they ignore 99.9% of every other query.


Try to ask the same question to other OEMs or to Carriers...... all of them will not reply to you thanks to our governement shielding them from any wrongdoing in these kind of matters .

r1ddl3r said,
The real question is how did FBI got ahold of said UDIDs? Through Apple?

Apple, Carriers who knows?
The point is why the FBI had them? And if the data was from Apple be reassured that all other OEM are giving them to the FBI.

The point is ... Why is Apple or wireless carriers giving this information to the FBI en mass? Usually this kind of personal information would require a warrant, unless given freely by the manufacturer or carrier.

Who knows what having this information allows them to do. Track you with GPS perhaps?

ahinson said,
The point is ... Why is Apple or wireless carriers giving this information to the FBI en mass? Usually this kind of personal information would require a warrant, unless given freely by the manufacturer or carrier.

Who knows what having this information allows them to do. Track you with GPS perhaps?

Warrants are so 2001.

THolman said,

Warrants are so 2001.


This.

I don't want personal liberty to stand in my way of feeling more secure!
Only terrorists and rapists need privacy.

/s

GS:mac

Lamp0 said,
IT'S NOT STEALING, IT'S COPYING!!
This is no more copying than Pirating is copying. If you copy something that is not yours, does that make it ok?

So if you leave your laptop on bench and I manage to copy the tax information from it. Is that copying, or stealing? I'd say stealing. I took something that wasn't mine to take.

Remember that most people think that copying a music album is not stealing either. Sad decay of society...

I agree with you that it is stealing.

ahinson said,
This is no more copying than Pirating is copying. If you copy something that is not yours, does that make it ok?

So if you leave your laptop on bench and I manage to copy the tax information from it. Is that copying, or stealing? I'd say stealing. I took something that wasn't mine to take.

NeoPogo said,
Remember that most people think that copying a music album is not stealing either. Sad decay of society...

I agree with you that it is stealing.

Theft, stealing, is an act that deprives another the use of the item taken. That's the original definition by law. Piracy is not depriving anyone from listening to music or watching a movie. Rather, piracy decreases how lucrative it is for a corporation to sell information. There's a reason it's a separate concept called piracy.

And that's really where the debate is. Should corporations be monopolizing information? Should there be a difference between what a corporation does and what a normal person does? Do corporations have more rights than individual citizens?

The real question is why do the FBI have personal information of so many Apple customers, did Apple hand it over?

Simon- said,
The real question is why do the FBI have personal information of so many Apple customers, did Apple hand it over?

Either them or app developers who could still request the UDID until iOS5.

GS:mac

zikalify said,
Why did the FBI have a bunch of UDID's?

Why don't you trust them?
I register all my serial numbers, IMEIs, UDIDs and software license keys with them without their request to feel safe!

/S

GS:mac

So errr, kinda confused as to who cares about your UDID? It proves when you bought it and that you still have a warranty and how to track it...
So they want mobile devices that can be stolen and are untraceable/unblockable? Great....

n_K said,
So errr, kinda confused as to who cares about your UDID? It proves when you bought it and that you still have a warranty and how to track it...
So they want mobile devices that can be stolen and are untraceable/unblockable? Great....

UDID is used by the really bad advertisers (not Google) to deliver targeted ads.

n_K said,
So errr, kinda confused as to who cares about your UDID? It proves when you bought it and that you still have a warranty and how to track it...
So they want mobile devices that can be stolen and are untraceable/unblockable? Great....
Something tells me that UDID's give away more information than you realize. Did you even read the article? Phone numbers, addresses, names, and more.

Please inform me how that's not bad or how it wouldn't be useful to a criminal or oppressive government.

By the way, there are many other ways to trace or block a lost/stolen device. People do it all the time. No UDID for my Android phone and yet, I would be more than capable or tracking it, recovering it, or having it black listed.

KCRic said,
By the way, there are many other ways to trace or block a lost/stolen device. People do it all the time. No UDID for my Android phone and yet, I would be more than capable or tracking it, recovering it, or having it black listed.

No UDID? Take the back cover of your phone off and look for a long number of digits called the IMEI, there's your UDID equilivent.

I get how it's bad if say the FBI has the list, not sure about that if I'm honest .

All but Google huh? Something is trixie with that one, as Gollum would put it...

thealexweb said,

UDID is used by the really bad advertisers (not Google) to deliver targeted ads.

NeoPogo said,
All but Google huh? Something is trixie with that one, as Gollum would put it...

No major ad networks use it, it's the smaller and more crafty ones

n_K said,

No UDID? Take the back cover of your phone off and look for a long number of digits called the IMEI, there's your UDID equilivent.

I get how it's bad if say the FBI has the list, not sure about that if I'm honest .

Ah yes, I figured you would point that out. My IMEI isn't attached in the same way the UDID is. Also, my IMEI wasn't dumped off an FBI agents laptop. If it were, it would be useless since there's no address or anything attached to it. Just the device itself. The carrier might have more info but the IMEI alone is more like a MAC for the network - that's all.

Also, that's great that you are fine with giving up your rights and freedoms because "you're honest". So am I, however, if I am expected to obey the law so should they.

KCRic said,
Ah yes, I figured you would point that out. My IMEI isn't attached in the same way the UDID is. Also, my IMEI wasn't dumped off an FBI agents laptop. If it were, it would be useless since there's no address or anything attached to it. Just the device itself. The carrier might have more info but the IMEI alone is more like a MAC for the network - that's all.

Also, that's great that you are fine with giving up your rights and freedoms because "you're honest". So am I, however, if I am expected to obey the law so should they.


I didn't say about giving up freedoms? Now you're just talking out your arse.
Your IMEI not linked to anything? Hah, you're an idiot if you don't think it's linked. Your carrier has it, the police has it, it's on lots of shared databases, just like a UDID is, trying to say they're not the same kind of thing is pretty daft.

n_K said,

I didn't say about giving up freedoms? Now you're just talking out your arse.
Your IMEI not linked to anything? Hah, you're an idiot if you don't think it's linked. Your carrier has it, the police has it, it's on lots of shared databases, just like a UDID is, trying to say they're not the same kind of thing is pretty daft.
Well if that's the case then you need to read before hitting the post button. It came off completely different.

Now as far as the IMEI thing - no, it's not attached to you. Yes it can be linked just as your computers MAC can be linked to you. However, my name, address, and phone number aren't directly linked to the IMEI on the phone. It's literally just a number carriers use to know if a phone should be on the network or not. Also it's used to ID the type of phone, brand, and model. It's not an ID number for your account or anything. Using an IMEI to track your location, sites you visit, and other things it's a real PITA way to do it when a carrier does it much easier through your authorized usage of their services.

KCRic said,
Now as far as the IMEI thing - no, it's not attached to you. Yes it can be linked just as your computers MAC can be linked to you. However, my name, address, and phone number aren't directly linked to the IMEI on the phone. It's literally just a number carriers use to know if a phone should be on the network or not.

Woah woah woah, I'mma stop you right there, go get a phone on contract, stop paying after the first month and report back when you get a notice through your door about an unpaid phone bill and suddenly your phone says its blocked no matter what SIM card you use in it.
I'm free to accept your apology anytime.

n_K said,

No UDID? Take the back cover of your phone off and look for a long number of digits called the IMEI, there's your UDID equilivent.

I get how it's bad if say the FBI has the list, not sure about that if I'm honest .

heheh aint it amazing how people dont realise every mobile device as a "unique identifier" regardless of maker.

n_K said,

Woah woah woah, I'mma stop you right there, go get a phone on contract, stop paying after the first month and report back when you get a notice through your door about an unpaid phone bill and suddenly your phone says its blocked no matter what SIM card you use in it.
I'm free to accept your apology anytime.
Hahahaha!!!! What?! If you use a SIM card then that SIM card is blocked - not the freaking phone. You just need to stop right now before you hurt yourself.

And no, they don't put a letter on your door. The carrier attempts to call you multiple times before sending a letter via the postal service. Sometimes not even that. It just goes to collections and then you get awesome calls from soulless freaks.

You sir have massively failed in so many ways. Please stop commenting. It's annoying. What country are you in by the way? Must not be the US...