Blue Toad Publishing Company Admits Stolen 'FBI' UDIDs Came From Them

[MacRumors]

A week ago, a hacker group released a dump of 1 million unique identifiers (UDIDs) from Apple iOS devices. The group claimed they acquired the list from the FBI, but the law enforcement organization denied it a day later.

Now, a small App Store publishing company in Florida called Blue Toad says the IDs were stolen from its servers, reports NBC News.

A small Florida publishing company says the million-record database of Apple gadget identifiers released last week by the hacker group Anonymous was stolen from its servers two weeks ago. The admission, delivered by the company's CEO exclusively to NBC News, contradicts Anonymous' claim that the hacker group stole the data from an FBI agent's laptop in March.

[...]

Paul DeHart, CEO of the Blue Toad publishing company, told NBC News that technicians at his firm downloaded the data released by Anonymous and compared it to the company's own database. The analysis found a 98 percent correlation between the two datasets.

The CEO noted that as they analyzed the leaked data, the company found a 98 percent correlation between the stolen data and their own, DeHart told NBC."As soon as we found out we were involved and victimized, we approached the appropriate law enforcement officials, and we began to take steps to come forward, clear the record and take responsibility for this."

NBC spoke to an Apple spokesperson about the revelation, as well: "As an app developer, BlueToad would have access to a user's device information such as UDID, device name and type. Developers do not have access to users' account information, passwords or credit card information, unless a user specifically elects to provide that information to the developer."

Apple has moved away from using the unique device identifier, or UDID, as a means for identifying a particular user for privacy reasons. Earlier this year, Apple began rejecting iOS apps that utilized the UDID, in favor of alternate identification schemes.

Article Link: Blue Toad Publishing Company Admits Stolen 'FBI' UDIDs Came From Them

 

[Intarweb]

So FBI = Indie publisher?

 

[184550]

Tinfoil hats are nonreturnable.

 

[kasei]

Have the UDID's been stolen or not?

 

[669532]

It's a little worrying all these little/smaller companies are holding any data like this in unsecured locations - ripe for the picking.

 

[BC2009]

Have the UDID's been stolen or not?

Yes they were stolen, but not from the FBI. Translation: The FBI does not have a database of a million+ Apple UDID's for devices they are tracking. If you have purchased a BlueToad app in the past then your UDID is probably on this list.

 

[bacaramac]

So the FBI needed a fall guy. Haha only kidding.

 

[GBrooks]

adjusts tin foil cap - continues with day.

 

[emvath]

Wait...these guys got their hacked information from a blue toad?!? Now I've heard everything.

 

[Peace]

Have the UDID's been stolen or not?

Yes. But the source was Blue Toad not the FBI.

I might add one of their biggest apps is Flipboard.

 

[gianpag]

Hmmmm....

I had a chance to check that file and details for my devices were there but I never used or downloaded an app developed by bluetoad (unless they're behind apps other than those directly related to their name) or one of their "Newsstand" maagazines.
--------

update: Ok I just saw another post pointing to Flipboard, which I have.

 

[smithrh]

The NBC article is actually fairly good (I expected crap, to be honest) - suggested reading before posting.

 

[CodexMonkey]

So Blue Toad held all these device IDs which contain usable data and now these IDs are available to pretty much anyone with an internet connection?

In which case, their "Smarter Content, Smarter Distribution" tagline is bordering on genius.

 

[STiNG Operation]

Time to pull out the lawn mower and whack these blue toads!!

 

[smithrh]

I had a chance to check that file and details for my devices were there but I never used or downloaded an app developed by bluetoad (unless they're behind apps other than those directly related to their name) or one of their "Newsstand" maagazines.

Go read the article.

 

[AppleMad98004]

Flipboard

I believe if you have an app called Flipboard (I do on my iPad) they have your UDID!

 

[tasset]

So what is the point of such 3rd party companies to have this information? No doubt they will say it's to 'better troubleshoot app issues and provide a better experience', but is this sort of aggregation to sell "anonymized" app habits to advertisers based on cobbled together app downloads? Are they really that slimy?

 

[M-O]

no such thing as bad press. now we've all heard of bluetoad.

 

[whooleytoo]

So, Blue Toad are a front company for the FBI, eh?

(No stopping a good conspiracy theory.... or even a really bad one..)

 

[kycophpd]

Wait I thought Blue Toad was the pseudonym for the guy who wrote the Seal Team Six book?!! I am all confused now.

 

[D.T.]

Next update: FBI admits they're actually the hacker group ...

 

[ECUpirate44]

All that bashing on the FBI for nothing

 

[samcraig]

Yes they were stolen, but not from the FBI. Translation: The FBI does not have a database of a million+ Apple UDID's for devices they are tracking. If you have purchased a BlueToad app in the past then your UDID is probably on this list.

It doesn't confirm or deny what the FBI does or doesn't have. It just reports that this particular leak was almost certainly from Blue Toad.

I hope you understand the difference between what you're writing and the facts.

 

[Peace]

I believe if you have an app called Flipboard (I do on my iPad) they have your UDID!

Well now we have a problem.

I have Flipboard and none of my iDevices were on that list.

 

[WannaGoMac]

You guys aren't thinking conspiracy theory enough!

They are a FBI scapegoat, to cover up their involvement!