9/10/2012
04:37 PM

FBI Not Source Of Apple UDID Leak: BlueToad Admits Leak

Digital publishing company BlueToad says data breach resulted in leak of millions of UDIDs

Digital publishing company BlueToad says it was the source of a data breach that resulted in the theft of device identification data belonging to millions of Apple users -- not the FBI.

Last week, hackers with a group known as AntiSec claimed to have gained access to an FBI computer and stolen 12 million UDIDs, or unique device identifiers. UDIDs identify a particular iOS device, such as an iPhone or iPod.

According to Paul DeHart, CEO of BlueToad, the company contacted law enforcement once it determined it was the likely source of the leaked information.

"We have fixed the vulnerability and are working around the clock to ensure that a security breach doesn't happen again," he said in a blog post.

The company was notified that it was the possible source by David Schuetz, a security consultant with the Intrepidus Group, who analyzed the roughly 1 million UDIDs that had been posted online and linked them to BlueToad. His investigation is detailed on the Intrepidus Group's blog.

AntiSec's claims that an FBI computer had been hacked were denied last week by the law enforcement agency, which stated that there was no evidence that an FBI laptop was compromised or that the agency had sought or obtained Apple UDIDs. Apple has also publicly denied giving the information to the FBI, and said the agency never requested it.

Apple began rejecting apps that access UDIDs earlier this year after warning app developers in 2011 that it would be phasing out the ability with the introduction of iOS 5. The move followed the eruption of controversy regarding the use of UDIDs by advertisers for tracking purposes.

According to DeHart, BlueToad stored UDIDs "pursuant to commercial industry development practices."

"Upon Apple's recommendation several months ago, we modified our code base to discontinue the practice of reporting UDIDs," he wrote. "We have now also discontinued storing any UDID information sent to our servers by apps that have not yet been updated to the new code base."

"We understand and respect the privacy concerns surrounding the data that was stolen from our system," DeHart added. "BlueToad believes the risk that the stolen data can be used to harm app users is very low. But that certainly doesn't lessen our resolve to ensure that all data is protected and kept from those who seek to illegally obtain it."

As of publication, the BlueToad website appears to have gone down.
