Anonymous Dumps 1 Million Apple IDs After Alleged FBI Hack
Hackers operating under the Anonymous umbrella have leaked more than 1 million Apple iPhone and iPad IDs, which were allegedly swiped from the FBI.
On Monday, the Antisec arm of the hacker collective said it had released 1,000,001 unique device identifier numbers (UDIDs) used by Apple, app developers, and ad networks to label iPhone and iPad users. The details were allegedly stolen from the FBI.
The hackers posted a lengthy message on Pastebin with links to data culled from a larger database of more than 12 million users' personal information, Forbes said.
Forbes' Andy Greenberg downloaded and decrypted the encrypted files. While there is no simple way to confirm the authenticity or source of the data, he found an enormous list of 40-character strings composed of numbers and letters A through F – Apple UDIDs' DNA, Greenberg said.
Each line comes with what Anonymous says is an Apple Push Notification badge, as well as a username and a note signifying the accompanying device.
"We decided we'd help out Internet security by auditing [the] FBI first," the Antisec message said.
The hackers trimmed out personal data like full names, cell numbers, addresses, and ZIP codes, but left one main column that included enough information to help users see if their information was listed or not, the group said.
Antisec said it had Robin Hood-like motives – rob from the government and give to the citizens.
"We have learnt it seems quite clear nobody pays attention if you just come and say 'hey, FBI is using your device details and info and who the [expletive] know what the hell are they experimenting with that', well sorry, but nobody will care," they said.
The data was breached using a vulnerability in Java, according to Antisec, which also reiterated its support for WikiLeaks and its editor, Julian Assange, who was recently granted political asylum by Ecuadorean officials.
The hackers' statement said that this is the right moment to release the data because Apple is looking for alternatives to the UDID system.
"We never liked the concept of UDIDs since the beginning indeed," Antisec said. "Really bad decision from Apple. Fishy thingie."
Anonymous has refused to grant interviews to the press, saying that for now, their released statement will be the only comment.
In June 2010, an AT&T security breach exposed 114,000 email addresses and ICC-IDs of various Apple iPad owners. Two men were arrested for the crime last year.