Anonymous finds personal data of Apple users in FBI computer

Sep 4, 2012

FBI 'has some explaining to do' after hackers claim to have posted one million codes online

THE FBI is said to "have some explaining to do" after hackers broke into one of its computers and found information about 12 million Apple devices and users.

Last night, Antisec, a section of Anonymous, posted a statement to say that it had hacked into the laptop of an FBI special agent named Christopher Stangl in the second week of March this year.

Antisec claims to have downloaded a file from Stangl's computer containing a database of more than 12 million Apple devices including user names, type of device, mobile phone numbers, addresses and Unique Device Identifiers (UDIDs).

It has since published more than one million UDIDs, codes used by Apple to identify individual iPhones and iPads and track user behaviour, but no other personal details of Apple users.

The hacking group said it was releasing the information to make people "pay attention" to what it perceived as surveillance by FBI officers. "We decided we'd help out internet security by auditing FBI first," it said, claiming to release just enough information so people could check if they were being tracked.

But one computer expert told The Daily Telegraph that the data found on the FBI laptop could be handed to spammers and potentially used to infect computers and steal credit card details.

Graham Cluley, from the computer security firm Sophos, said that while there is not much harm in the ID codes that have been released in isolation, AntiSec may have withheld other personal information so that they can sell it to criminals and spammers.

"That is obviously information that has a real value,” he said. “It could be abused in several ways. By publicising the Apple ID details, what they are doing is saying we have got all this data - we can prove that we have got it and Apple can test whether these device numbers are correct or not."

In a separate interview with the Daily Mail, Cluley said the FBI now has "serious questions to answer". "Hacktivists are out to embarrass organisations, and it would appear the FBI were lax in storage of data," he said.

Andy Greenberg, a security reporter at Forbes, agreed, saying: "If the FBI has in fact collected 12 million Apple UDIDs – or even just one million – it will have some explaining to do to privacy advocates."

But for now, Anonymous refuses to answer any questions from journalists until Gawker writer Adrian Chen, who has been especially critical of Anonymous, appears on his website's home page dressed in "a ballet tutu and shoe on the head".

Sign up for our daily newsletter