Tuesday, September 11, 2012

Massive iPhone, iPad ID breach linked back to Florida company

A Florida company says it ? and not the FBI ? was the target of a breach last week. ?

By Matthew Shaer / September 10, 2012

An Apple logo is reflected in the screen of an Apple iPad at an electronics store in Mumbai, India. Earlier today, BlueToad, a Florida company, said a database of iPad and iPhone IDs had been breached by hackers.

Reuters

Enlarge

Last week, AntiSec, a "hacktivist" group associated with Anonymous, released a trove of?Apple Unique Device Identifiers, or UDIDs ? digital bar codes for iPhones and iPads, basically. AntiSec said the UDIDs ? it said it had 12 million in all ? had been nabbed from the computer of an FBI agent. The FBI subsequently maintained that there was "no evidence" of a breach, and Apple said it hadn't coughed up the UDIDs to the FBI in the first place.?

Skip to next paragraph

Recent posts

' + google_ads[0].line2 + '
' + google_ads[0].line3 + '

'; } else if (google_ads.length > 1) { ad_unit += ''; } } document.getElementById("ad_unit").innerHTML += ad_unit; google_adnum += google_ads.length; return; } var google_adnum = 0; google_ad_client = "pub-6743622525202572"; google_ad_output = 'js'; google_max_num_ads = '1'; google_feedback = "on"; google_ad_type = "text"; google_adtest = "on"; google_image_size = '230x105'; google_skip = '0'; // -->

So what was the real source of the leak? A small Florida digital publishing company called BlueToad, apparently. (The BlueToad site has been offline for hours, likely a result of all the press attention, so don't bother.) In interviews and statements today, BlueToad executives said they had found 98 percent correlation between the UDIDs on the AntiSec list and the UDIDs in its own files (hat tip to Ars Technica).?

According to CNN, BlueToad "works with 5,000 to 6,000 publishers to repurpose their content on various devices." Many of those devices are Apple devices, which explains why BlueToad had the UDIDs. But in a?statement?obtained?by the AP, company president Paul DeHart said BlueToad would cease to use the codes altogether. He also stressed that his company did not have access to more specific user data.?

"BlueToad does not collect, nor have we ever collected, highly sensitive personal information like credit cards, social security numbers or medical information," DeHart?said.?"The illegally obtained information primarily consisted of Apple device names and UDIDs - information that was reported and stored pursuant to commercial industry development practices."

To receive regular updates on how technology intersects daily life, follow us on?Twitter @venturenaut.

Source: http://rss.csmonitor.com/~r/feeds/csm/~3/WUbTQC_uD-Q/Massive-iPhone-iPad-ID-breach-linked-back-to-Florida-company

bobby petrino fired buffett rule lollapalooza lineup joss whedon ronnie montrose melissa gilbert dancing with the stars dandelion wine

Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)