Computer Business Review

FBI denies Apple device ID hack claims

Steve Evans

09:45, September 5 2012

"No evidence" laptop was hacked or that it even had the data in the first place, FBI says

The FBI has denied claims from a hacking group that it stole 12 million Apple device IDs from a laptop belonging to one of its agents.

The attack was apparently carried out by AntiSec, an offshoot of Anonymous, who subsequently posted one million of the Unique Device Identifiers (UDIDs) online. Every device running iOS has a UDID, which are primarily used by developers and advertisers to track user behaviour.

A statement by AntiSec said it hacked a laptop belong to FBI Special Agent Christopher K. Stangl and published the information as a protest against the FBI holding and using this information to track people.

Interestingly its statement also predicted the FBI would deny the claims, saying: "We will probably see their damage control teams going hard lobbying media with bullshits to discredit this."

That is exactly what the FBI has no done, claiming it has found no evidence to back up the hackers' claims.

"The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed," the statement said. "At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data."

Before the publication of the statement, the FBI's Press Office went further on its Twitter feed, proclaiming: "Statement soon on reports that one of our laptops with personal info was hacked. We never had info in question. Bottom Line: TOTALLY FALSE."

That Tweet drew responses from accounts that are reckoned to be linked with Anonymous. AnonymouseIRC responded by saying, "Wait, what? So because you don't know of any data breach it never happened? So the conference call was fake, too? ;-)," referencing the conference call between police forces it intercepted.

Another account affiliated with Anonymous, Anon_Central, simply said: "You think people will still believe in your lies @FBIPressOffice?"

There is still a lot of confusion over whether the information posted online is genuine or not. Apple has not responded to requests for comment at the time of publication.

Security firm Imperva has analysed the data and claimed from what it can tell the breach is "probably" real. The fact that the FBI agent named in the AntiSec statement is genuine is one reason for suspecting the leak is real.

The second reason is that the database that was breached "seems authentic -- though only Apple can confirm. However, the structure and format of the data indicates that this is a real breach. It would be hard to fake such data."


Post a comment

Comments may be moderated for spam, obscenities or defamation.