FBI denies Apple device ID hack claims

Security

by Steve Evans| 05 September 2012

"No evidence" laptop was hacked or that it even had the data in the first place, FBI says


The FBI has denied claims from a hacking group that it stole 12 million Apple device IDs from a laptop belonging to one of its agents.

The attack was apparently carried out by AntiSec, an offshoot of Anonymous, who subsequently posted one million of the Unique Device Identifiers (UDIDs) online. Every device running iOS has a UDID, which are primarily used by developers and advertisers to track user behaviour.

A statement by AntiSec said it hacked a laptop belong to FBI Special Agent Christopher K. Stangl and published the information as a protest against the FBI holding and using this information to track people.

Interestingly its statement also predicted the FBI would deny the claims, saying: "We will probably see their damage control teams going hard lobbying media with bullshits to discredit this."

That is exactly what the FBI has no done, claiming it has found no evidence to back up the hackers' claims.

"The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed," the statement said. "At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data."

Before the publication of the statement, the FBI's Press Office went further on its Twitter feed, proclaiming: "Statement soon on reports that one of our laptops with personal info was hacked. We never had info in question. Bottom Line: TOTALLY FALSE."

That Tweet drew responses from accounts that are reckoned to be linked with Anonymous. AnonymouseIRC responded by saying, "Wait, what? So because you don't know of any data breach it never happened? So the conference call was fake, too? ;-)," referencing the conference call between police forces it intercepted.

Another account affiliated with Anonymous, Anon_Central, simply said: "You think people will still believe in your lies @FBIPressOffice?"

There is still a lot of confusion over whether the information posted online is genuine or not. Apple has not responded to requests for comment at the time of publication.

Security firm Imperva has analysed the data and claimed from what it can tell the breach is "probably" real. The fact that the FBI agent named in the AntiSec statement is genuine is one reason for suspecting the leak is real.

The second reason is that the database that was breached "seems authentic -- though only Apple can confirm. However, the structure and format of the data indicates that this is a real breach. It would be hard to fake such data."

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

738 people like this.
0 people follow this.

Security Intelligence

Suppliers Directory

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.