App developer blue toad confirmed to NBC on monday that the collection of unique device identifiers (udids) came from its databases. The data had been stolen in the past two weeks. This contradicts the hacker collective antisec’s claim that they downloaded the UDID numbers from an FBI agent’s computer in march.
Antisec had published last week about one million data sets with serial numbers of iphones and ipads and partly further information. According to the report, they were part of a larger collection of about twelve million numbers. The FBI was quick to deny having the data. Nor is there any record of a break-in at any of the FBI computers. Apple also said it had not provided U.S. Federal law enforcement with UDID numbers.
The serial numbers of ios devices like the iphone and ipad were previously used by program developers to identify individual devices and prevent mass copying of their apps. In addition, advertising networks used these UDID numbers. Since february, apple has refused to approve programs that continue to query the device id.
Blue toad, a developer of apps for publishers, was alerted by a security expert. He had found references to the company in the data. A check of the servers then confirmed the break-in. Antisec, which is part of the anonymous movement, had accused the FBI of collecting data from mobile phone users on a large scale.