FBI denies hacker claims over Apple UDIDs

The Federal Bureau of Investigation denied Tuesday that a sample of Apple data posted by the hacking group AntiSec originated with the agency.

The hackers claimed the agency was using the data, which included millions of Apple device identification numbers, to track the device owners.

More tech stories

Parking doesn’t have to be a hassle

Parking doesn’t have to be a hassle

Meet the man who wants to make parking in a garage as fun as riding in an Uber.

Big data: A double-edged sword

Big data: A double-edged sword

New information will improve our health and prevent crimes, but uncover skeletons and hurt privacy.

White House updating online privacy policy

White House updating online privacy policy

A new Obama administration privacy policy explains how the government will gather the user data of online visitors to WhiteHouse.gov, mobile apps and social media sites, and it clarifies that online comments, whether tirades or tributes, are in the open domain.

But in a statement Tuesday the FBI said: “The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed.  At this time, there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”

At least one security expert speculates that the hack announcement was simply meant to draw attention.

In an interview with PC Mag’s Security Watch, F-Secure security adviser Sean Sullivan said that he thinks it could be a “PR scam by Anonymous.” The data itself could have come from a developer’s records, Sullivan said.

Some questioned whether the information could have come from servers seized last year by the FBI that contained data from the app Instapaper, but developer Marco Arment said on Twitter that he doesn’t collect UDIDs for his application. Arment, in turn, questioned whether the information could have from from the app AllClearID, which works with an agency mentioned in a filename in Tuesday’s release, the National Cyber Forensics and Training Alliance.

In a statement to Forbes, an AllClearID spokeswoman said that the app doesn’t collect UDIDs from phones and that “this incident is not linked to AllClearID.”

The hackers haven’t spoken up again — though an unusual demand they made has been fulfilled. In the release Monday, the hackers said that they wouldn’t speak to the media until Gawker writer Adrian Chen was featured on the site’s home page all day wearing a tutu and a shoe on his head.

Chen obliged, but there’s still been no more details about the alleged hack or any direct response to the FBI statement.

Related stories:

AntiSec claims the FBI has 12 million Apple device IDs

FBI arrests second hacker connected with LulzSec

LulzSec hacking group leader turned in other members, FBI says

AntiSec results start rolling in, LulzSec chats exposed

 
Read what others are saying