FBI laptop hands hackers 12 million Apple device IDs and owner info
AntiSec, one of the many internet hacking communities, has claimed that it has obtained the UDIDs and user details of around 12m Apple users.
The UDID (unique device identifier) is the 40-character code often used for app tracking and authentication purposes.
Reports are that, somehow, the group obtained an FBI-owned laptop in March and is now beginning to publish its findings.
AntiSec has published 1m of these UDIDs as proof but has not yet published any names, addresses, phone numbers and emails that it also obtained in the Apple/FBI security breach.
Graham Cluley, a computer security expert at Sophos said that the hackers may have chosen not to release personal information, to make it more valuable to criminals.
“That is obviously information that has a real value. It could be abused in several ways. By publicising the Apple ID details what they are doing is saying we have got all this data- we can prove that we have got it and Apple can test whether these device numbers are correct or not.
“They probably either want to exploit [the details] themselves or they might for instance want to sell it on the computer underground to spammers who can send a targeted campaign to those email addresses.”
“Maybe it would be claiming to come from Apple, maybe it would contain malicious links or be designed to infect people’s computers and potentially steal information such as credit card details “
Granted, having your personal details and those of your handset in the hands of hackers is pretty worrying but, what the heck was the FBI doing with all that information in the first place?
It would appear that the file was related to the National Cyber-Forensics & Training Alliance, which apparently is a NGO tasked with fighting global cyber-crime.