Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
64,414
32,234



bluetoad.png


A week ago, a hacker group released a dump of 1 million unique identifiers (UDIDs) from Apple iOS devices. The group claimed they acquired the list from the FBI, but the law enforcement organization denied it a day later.

Now, a small App Store publishing company in Florida called Blue Toad says the IDs were stolen from its servers, reports NBC News.
A small Florida publishing company says the million-record database of Apple gadget identifiers released last week by the hacker group Anonymous was stolen from its servers two weeks ago. The admission, delivered by the company's CEO exclusively to NBC News, contradicts Anonymous' claim that the hacker group stole the data from an FBI agent's laptop in March.

[...]

Paul DeHart, CEO of the Blue Toad publishing company, told NBC News that technicians at his firm downloaded the data released by Anonymous and compared it to the company's own database. The analysis found a 98 percent correlation between the two datasets.
The CEO noted that as they analyzed the leaked data, the company found a 98 percent correlation between the stolen data and their own, DeHart told NBC."As soon as we found out we were involved and victimized, we approached the appropriate law enforcement officials, and we began to take steps to come forward, clear the record and take responsibility for this."

NBC spoke to an Apple spokesperson about the revelation, as well: "As an app developer, BlueToad would have access to a user's device information such as UDID, device name and type. Developers do not have access to users' account information, passwords or credit card information, unless a user specifically elects to provide that information to the developer."

Apple has moved away from using the unique device identifier, or UDID, as a means for identifying a particular user for privacy reasons. Earlier this year, Apple began rejecting iOS apps that utilized the UDID, in favor of alternate identification schemes.

Article Link: Blue Toad Publishing Company Admits Stolen 'FBI' UDIDs Came From Them
 

charlieegan3

macrumors 68020
Feb 16, 2012
2,394
17
U.K
It's a little worrying all these little/smaller companies are holding any data like this in unsecured locations - ripe for the picking.
 

BC2009

macrumors 68020
Jul 1, 2009
2,251
1,461
Have the UDID's been stolen or not?

Yes they were stolen, but not from the FBI. Translation: The FBI does not have a database of a million+ Apple UDID's for devices they are tracking. If you have purchased a BlueToad app in the past then your UDID is probably on this list.
 

emvath

macrumors regular
Jan 5, 2009
224
187
Wait...these guys got their hacked information from a blue toad?!? Now I've heard everything. :D
 

gianpag

macrumors newbie
Jan 13, 2008
2
0
Hmmmm....

I had a chance to check that file and details for my devices were there but I never used or downloaded an app developed by bluetoad (unless they're behind apps other than those directly related to their name) or one of their "Newsstand" maagazines.
--------

update: Ok I just saw another post pointing to Flipboard, which I have.
 
Last edited:

smithrh

macrumors 68030
Feb 28, 2009
2,731
1,736
The NBC article is actually fairly good (I expected crap, to be honest) - suggested reading before posting.
 

CodexMonkey

macrumors member
Feb 22, 2012
73
18
So Blue Toad held all these device IDs which contain usable data and now these IDs are available to pretty much anyone with an internet connection?

In which case, their "Smarter Content, Smarter Distribution" tagline is bordering on genius.
 

smithrh

macrumors 68030
Feb 28, 2009
2,731
1,736
I had a chance to check that file and details for my devices were there but I never used or downloaded an app developed by bluetoad (unless they're behind apps other than those directly related to their name) or one of their "Newsstand" maagazines.

Go read the article.
 

tasset

macrumors 6502a
May 22, 2007
572
200
So what is the point of such 3rd party companies to have this information? No doubt they will say it's to 'better troubleshoot app issues and provide a better experience', but is this sort of aggregation to sell "anonymized" app habits to advertisers based on cobbled together app downloads? Are they really that slimy?
 

M-O

macrumors 6502a
Mar 15, 2011
502
0
no such thing as bad press. now we've all heard of bluetoad.
 

samcraig

macrumors P6
Jun 22, 2009
16,779
41,982
USA
Yes they were stolen, but not from the FBI. Translation: The FBI does not have a database of a million+ Apple UDID's for devices they are tracking. If you have purchased a BlueToad app in the past then your UDID is probably on this list.

It doesn't confirm or deny what the FBI does or doesn't have. It just reports that this particular leak was almost certainly from Blue Toad.

I hope you understand the difference between what you're writing and the facts.
 

WannaGoMac

macrumors 68030
Feb 11, 2007
2,735
4,006
You guys aren't thinking conspiracy theory enough!

They are a FBI scapegoat, to cover up their involvement!
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.