12 Million UDIDs Hacked

Apple vs. AnonMore people than ever are using iTunes to purchase music, movies, TV episodes and apps. Since it was opened in 2003, more than 15 billion songs, 1 billion HD TV episodes and 25 billion apps have been sold. Imagine all of that money! But with the more people entering their personal information into programs like iTunes, the more vulnerable you are to identity theft.

In early September, Anonymous released 50 UDID’s (Apple’s Unique Identifier token) that were said to be stolen from an FBI Agent’s laptop. Anonymous said that not only did they obtain these 50 UDID’s, but 12 million others, and threatened to release  around 1 million of them to the public.

When the FBI traced the “hack” back, it was more of a security breach in an iOS app maker Blue Toad. Blue Toad stored the data locally and had “outdated software”, which allowed for them to exploit their security measures. Every person that had ever downloaded a Blue Toad app had their UDID stored locally on their servers, which were the servers that got hacked.

So, what can we take away from this situation? Security is everything. People are constantly buying and selling things on the Internet, and it’s important to keep your data safe as well as others taking care of  YOUR information. In this case, it was the fault of Blue Toad. Companies that collect personal information MUST keep personal information of customers safe, using any means necessary.

To whom this may concern: if you want to check to see if your UDID was stolen, you can follow a set of steps to check. First, go to http://whatsmyudid.com/ . After that, go into iTunes, copy your UDID and paste it into the database on this website —  http://tnw.co/Q0eVYy — to check if it has or not.



7 thoughts on “12 Million UDIDs Hacked

  1. Why were the files on an FBI agent’s laptop in the first place? The only logical explanation is that the FBI bought their entire forensic department new iPhones. I’m curious to see what new polices Apple will enforce developers to follow after this breach.

  2. If it was an FBI agents laptop, wouldn’t you think it would be a tad bit more secure? I don’t understand how someone could breach such a valuable target, despite the fact that it was only for Apple IDs and not something else classified through the FBI.

  3. I think it is fair to say that Apple security practices lack because they are not the largest part of the market. However, I think that this is a trend in many large companies where security has little monetary value to the company until something truly terrible happens. Although in some cases the monetary loss to a company can be relatively minimal compared to the cost of hiring and funding good security experts. Nice article though I am glad I read it.

    • I agree. I think that if Blue Toad (or Apple for that matter) could invest into some people to work specifically on this issue. If all of their information was protected in the first place, there wouldn’t be issues with personal information being stolen.

  4. Very strange to see a member of the FBI messing up this badly. I’m almost certain that preventative training to combat this situation is nailed into their heads. It would have been interested to know how highly ranked he was in the FBI, but obviously I think that is covered up since I can’t seem to find anything.

  5. Did they even hack into the laptop? All of their information appears to have been gathered by a vulnerable app. The laptop, if it was even stolen, is probably very secure and painfully hard to get into. This is just a fine example of Anonymous’ agitating “WE ARE LEGION, WE WILL RULE THE INTERWEBZ, LOL” bull.

    • Yes. Like I said in my presentation, which apparnetly I left out of the article, was because of the vunerable app by BlueToad, which was an app in the App Store. Anonymous just *SAID* they got it off of the laptop — it really didn’t come from them.

Comments are closed.