Apple responded today to the hack on 12 million UDIDs, or the unique number associated with iOS devices, after hacker collective Anonymous said the bounty was stolen from an FBI laptop.
“The FBI has not requested this information from Apple, nor have we provided it to the FBI or any organization. Additionally, with iOS 6 we introduced a new set of APIs meant to replace the use of the UDID and will soon be banning the use of UDID,” said Apple spokesperson Natalie Kerri in a statement to All Things D.
Yesterday, Anonymous released one million of the stolen UDIDs and promised that it could release the other 11 million. The group, which is known for hacking in the name of a political or moral position, claimed the loot was lifted from a laptop owned by an FBI agent. The hackers allegedly were able to access the data through a vulnerability in Java.
The FBI followed the hack with its own statement yesterday, saying “there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”
The agency also tweeted about the issue, calling Anonymous’ statements “totally false.”
ESET researcher Stephen Cobb wrote about the hack this morning, saying he found his wife’s information in the released one million UDIDs, which can be accessed following instructions Anonymous posted in Pastebin. Cobbs says that he sees “no evidence” that Apple’s security has been breached and thinks the data might not be FBI-based either.
“Of course, the interwebs are abuzz with speculation about government surveillance, but the file could also be from an ad agency or data broker,” said Cobb in a blog post. “Right now I am not too concerned that this particular group of hackers has the data. They seem determined to use it to make a point, not a profit.”
VB's research team is studying mobile user acquisition... Chime in here, and we’ll share the results.