A new leak has shown up on Pastbin. This latest showing comes from AntiSec and contains a list over 1 million Apple UDIDs, allegedly taken from a list of over 12 million that was on an FBI laptop. The UDIDs were supposedly in the file with other personally identifiable information such as zip codes, names, and other data, but that has been stripped out for the leak.
The file, according to the Pastebin post, came from the Dell laptop of Supervisor Special Agent Christopher K. Stangl which was exploited by a Java exploit back in March 2012. The details of the hack, along with information on how to get the data is available on Pastebin. Several tools have popped up to check if your UDID is on the list.
during the shell session some files were downloaded from his Desktop folder one of them with the name of "NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts.
It really begs the question why the FBI would have this data. These UDID numbers are more likely to be on an app developer's PC as a customer list as they are used for push notifications. The implications of them being taken from the FBI, if this turns out to be true, are not fully known. They could be there to be tracked, or for a variety of other reasons.
Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.