The hacker group Antisec released a million iOS device identifier codes for iOS devices, or UDID codes, over the weekend -- and those codes apparently all came from an FBI laptop. The laptop held a file with over 12 million UDID codes, along with associated user names, cell phone numbers, addresses, and push notification tokens.
During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of "NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose.
There isn't any information showing how the data landed in the FBI's hands, raising questions as to whether or not it came from -- at least in part -- an Instapaper server that was mistakenly seized
by the agency last year since it's likely the data came from app developers.
Antisec isn't offering up any more details about the security breach until Gawker postes a photo of Adrian Chen, one of the site's writers, wearing a ballet tutu along with a shoe on his head.
UDID codes are unique identifiers assigned to every iOS device. If enough personal data was included with the numbers, it's possible the less than savory part of society could use the information for identity theft, although the list Antisec released was stripped of most data.