Hackers release 1 million of UDIDs from Apple iOS devices

PanARMENIAN.Net - Hacker group Antisec has released a dump of 1 million unique identifiers (UDIDs) from Apple iOS devices. The records reportedly came from a file found on an FBI laptop back in March, according to MacRumors.

During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of "NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose.

The file that was found was said to contain over 12 million device records, including Apple UDIDs, usernames, push notification tokens, and in some instances, names, cell phone numbers, addresses and zip codes.”

The group released 1 million of these records but stripped most personal information. The final release includes Apple UDIDs, APNS (push notification) Tokens, Device Name (e.g. "Arnold's iPhone") and Device Type (e.g. "iPhone"). MacRumors says it confirmed that the UDIDs appear to be legitimate.

The source of the data is not entirely clear, though the type of data is typical for the kind of information an iOS app developer would collect to deliver push notifications to users. It seems an App developer or developers are the original likely source of the information, though no specific information is yet available.