Information Over One Million iOS Device UDIDs Leaked By Hackers

Discussion in 'News & happenings' started by TheMightyS, Sep 5, 2012.

Share This Page

  1. TheMightyS

    TheMightyS ActiveRAIDer

    Messages:
    971
    Likes Received:
    240
    Reputation:
    651
    [​IMG]

    If you have an iOS device, your UDID may have been leaked to the public today. A group of hackers commonly known as Antisec have exploited a file on the computer of an FBI agent to leak over one million out of 12 million unique device identifiers (UDID) that were present in the file that was on the computer. The massacre certainly raises eyebrows as to why the FBI agent had all of these UDIDs on his or her computer and the breach displays why it wasn't the best idea for security purposes.

    Posted on Pastebin by Antisec late last night, Antisec explains what happened:

    [​IMG] Originally Posted by Antisec
    During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of "NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc.
    The file that Antisec reportedly breached also included a lot more personal information such as first and last names, addresses, phone numbers, and more. Luckily, it doesn’t appear as though the hackers have dispersed this kind of detailed information to the public.

    UDIDs are different for every single iOS device and developers have used them in the past to gain anonymous information about devices for their applications. UDIDs can be used to gain information about your device such as the device type, device name, and much more personal information.

    The leak is a disturbing move for many that has caused a great deal of unease for Apple device users, which are worried about their personal security and identity. If you’re one of the worried iOS device users, TheNextWeb has created a Web-based program that can check your UDID against those leaked to see if you were one of the many that were exploited from this file on the FBI agent’s computer. TheNextWeb claims that the program will not record your UDID, only compare it with the database. Additionally, you can enter just a fraction of your UDID if you’re worried about security.
     

Share This Page