FBI was NOT source of leaked data on 12 million Apple users, claims publishing firm boss who says they were hacked

  • Hackers said they had exposed Big Brother snooping operation run by FBI
  • But Paul DeHart, CEO of the Blue Toad agency, claims details on computer users was stolen from his servers
 

By Tom Gardner

PUBLISHED: 16:37 EST, 10 September 2012 | UPDATED: 17:13 EST, 10 September 2012

For conspiracy theorists, it had been yet more proof of the existence of a sinister Government agency tracking their every move.

But now a claim that hackers had managed to penetrate a top secret dossier used by FBI agents to spy on Apple users appears to have been proven unfounded.

The Federal Bureau of Investigation had been the centre of a major privacy row after cyber experts from The AntiSec hacking group released more than a million Apple device IDs - allegedly taken from an agent's laptop.

Hackers claimed to have obtained more than 12 million ID codes Apple uses to identify its gadgets from an FBI agent's laptop

Hackers claimed to have obtained more than 12 million ID codes Apple uses to identify its gadgets from an FBI agent's laptop

The group claimed the information - which included 12 million IDs, known as Unique Device Identifiers, as well as personal information such as user names, device names, notification tokens, cell phone numbers and addresses - enabled the Government to spy on the users.

The FBI immediately denied it was the source - but many refused to believe it was anything other than affirmation of their Orwellian nightmares.

However, a boss of a small publishing agency has come forward to say his firm was the most likely source of the information - not a murky, malign Government agency.

 

More...

Paul DeHart, CEO of the Blue Toad, which provides app building services to 6,000 users and serves 100million page views a month, told NBC News technicians had matched the hacked information with their own private data.

He said: 'That's 100 percent confidence level, it's our data.'

He added: 'As soon as we found out we were involved and victimised, we approached the appropriate law enforcement officials, and we began to take steps to come forward, clear the record and take responsibility for this.'

AntiSec last week released a million of unique IDs online - but removed the most personal data.

The hackers issued a statement saying: 'During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java.

The move comes as Apple is believed to be putting the finishing touches to a launch event for a new version of its iPhone

The move comes as Apple is believed to be putting the finishing touches to a launch event for a new version of its iPhone

'During the shell session some files were downloaded from his Desktop folder one of them with the name of ”NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc.

'The personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts.

'No other file on the same folder makes mention about this list or its purpose.

It had been thought the group published the numbers to prove the existence of a unit in the FBI which was track people via their computer identification data.

The Antisec group has made the files freely available online.

'There you have 1,000,001 Apple Devices UDIDs linking to their users and their APNS tokens,' it said.

'The original file contained around 12,000,000 devices. we decided a million would be enough to release.

'We trimmed out other personal data as, full names, cell numbers, addresses, zipcodes, etc.

'Not all devices have the same amount of personal data linked, some devices contained lot of info, others no more than zipcodes or almost anything.

'We left those main columns we consider enough to help a significant amount of users to look if their devices are listed there or not. the DevTokens are included for those mobile hackers who could figure out some use from the dataset.'

The group also defended its decision to release the data.

'well we have learnt it seems quite clear nobody pays attention if you just come and say 'hey, FBI is using your device details and info.

'So without even being sure if the current choice will guarantee that people
will pay attention to this.'

 
Add your comments

Comments (0)

No comments have so far been submitted. Why not be the first to send us your thoughts, or debate this issue live on our message boards.

Add your comment

You have 1000 characters left.
Libellous and abusive comments are not allowed. Please read our House Rules.
For information about privacy and cookies please read our Privacy Policy.
Terms