FBI Denies AntiSec Claim of iOS UDID Hack

The FBI has denied a claim by AntiSec that a list of Apple IOS UDIDs (unique device identifiers) the hacker group published came from one of its computers. The U.S.'s top law enforcement agency said there was no evidence indicating the FBI had either sought or obtained such information, let alone that one of its computers had been compromised.


Over the holiday weekend (in the U.S.), AntiSec published a list of more than one million UDIDs that it said came from, "a Dell Vostro notebook used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team."

The list contained, "Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc."

AntiSec said that it was publishing the data in part to raise awareness that the FBI was collecting the data in the first place, a practice that could well violate the Constitutional right to privacy in the U.S. if it was being done without due process.

Indeed, as part of the discussion about the situation, it had been suggested that the data was more likely to be from an app developer's database. The FBI erroneously seized an Instapaper server in 2011, for instance, and the data could have come from that event.

The FBI is denying the whole thing, however, and in a statement issued to AllThingsD, said:

The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed. At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.

There is no doubt more to come on this subject.