US firm is source of Apple data breach

Comment on this story
iol scitech nov 1 CT_cyber security0 AP Many experts have expressed alarm about the lack of awareness or reluctance among some companies' leadership to spend more money on cyber defenses.

Washington - A US company said on Monday that the database of Apple device information that hackers stole and posted on the Internet last week came from a file the firm had in its computer system.

The disclosure comes nearly a week after a hacker group, which calls itself AntiSec, claimed that the data was stolen from an FBI laptop. The FBI rejected the claim, saying it never possessed the information.

The data included about 1 million unique identification numbers for Apple devices and some personal information, such as the names people assign to their iPads, iPhones and iPods.

Florida-based BlueToad is a digital publishing company that converts files so that they can be more easily read online and by mobile devices.

The FBI did not comment on BlueToad's disclosure.

AntiSec is linked to a group known as Anonymous, which - along with another offshoot called Lulz Security - has been tied to a number of high-profile computer attacks and crimes, including many that were meant to embarrass governments, federal agencies and corporate giants.

In a statement, company president Paul DeHart said the Apple data was stolen in a cyberattack against BlueToad.

“BlueToad does not collect, nor have we ever collected, highly sensitive personal information like credit cards, Social Security numbers or medical information,” DeHart said in the statement. “The illegally obtained information primarily consisted of Apple device names and UDIDs (unique device identification numbers) - information that was reported and stored pursuant to commercial industry development practices.”

Apple assigns UDIDs - a string of numbers and letters - to all of its devices. The numbers let iTunes and application developers know which device is running which apps. As an example, the numbers allow game developers to keep track of users' high scores.

DeHart said his company is working with law enforcement officials on the case and has fixed the computer vulnerability that led to the breach. - Sapa-AP

Hungry for more scitech news? Sign up for our daily newsletter

sign up

Comment Guidelines

  1. Please read our comment guidelines.
  2. Login and register, if you haven’ t already.
  3. Write your comment in the block below and click (Post As)
  4. Has a comment offended you? Hover your mouse over the comment and wait until a small triangle appears on the right-hand side. Click triangle () and select "Flag as inappropriate". Our moderators will take action if need be.

  5. Verified email addresses: All users on Independent Media news sites are now required to have a verified email address before being allowed to comment on articles. You are only required to verify your email address once to have full access to commenting on articles. For more information please read our comment guidelines