Tuesday, September 04, 2012

AntiSec Leaks 1 Million Apple Device IDs Obtained During FBI Breach [Hacking]

Source: http://gizmodo.com/5940183/antisec-leaks-1-million-apple-device-ids-obtained-during-fbi-breach

AntiSec Leaks 1 Million Apple Device IDs Obtained During FBI BreachAntisec has released 1 million Apple Unique Device Identifiers (UDIDs), claiming that it obtained them after breaching an FBI computer. It also claims to have over 12 million IDs in total, along with user names, device names, cell phone numbers and addresses to go with them. In a statement Antisec explains:

During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of "NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose.

Antisec suggests that the FBI is using the information to track citizens. It's not clear, of course, whether any of these claims are true—but if they are, the NCFTA acronym in Antisec's file name could likely stand for National Cyber-Forensics & Training Alliance, which "functions as a conduit between private industry and law enforcement." If that's the case, it could mean Apple is feeding the FBI user data though the NCTFA, that the FBI is mining its own data... or something else entirely. [AntiSec via The Next Web]