12 million accounts hacked? Why no info on that?

ShadowHearth

I just watched news ( on Russia channel ). And they said that 12million accounts were hacked from FBI laptop.

I googled and looks like its true!

http://www.extremetech.com/computing/135447-antisec-hacks-the-fbi-downloads-database-of-12-million-itunes-accounts


http://www.pcworld.com/businesscenter/article/261876/apple_device_ids_hacked_what_you_need_to_know.html
Wtf? Why no one warning people about it?!

aidan_walsh

Its all over the tech news sites. 12m Unique Device Identifiers (UDIDs) were allegedly taken from an FBI laptop.

The UDID was being used for a long time as as a device identifier by developers, so the information could have come from just about anywhere. Apple no longer accept apps that use it, and are removing developer access to it in iOS 6.

Sad Professor

Thread title is misleading. There's no evidence to suggest any iTunes accounts were hacked.

Both Apple and the FBI say they don't know anything about this. Some app developer probably sold the data or was hacked. Or maybe one of those websites that sell access to iOS betas gave it to them.

ShadowHearth

Sad Professor wrote: »

Thread title is misleading. There's no evidence to suggest any iTunes accounts were hacked.

Both Apple and the FBI say they don't know anything about this. Some app developer probably sold the data or was hacked. Or maybe one of those websites that sell access to iOS betas gave it to them.

No evidence? Only 1 million details published online of apple users.

We are talking about two huge "parties", who are not afraid to bull **** you. So FBI did not had it, apple did not had a leak, so who on earth has ability to get to 12million account details?!

I am really surprised there were not a thing about it on Irish news.

Andy!!

Sad Professor wrote: »

Thread title is misleading. There's no evidence to suggest any iTunes accounts were hacked.

llllllllOOOOOOOOOOOOOOOOOOOLLLLLLLLL :pac:

Maybe check the fact before posting next time :pac:

lordgoat

Am I missing something or how is this Apple's fault?

Blazer

aidan_walsh wrote: »

Its all over the tech news sites. 12m Unique Device Identifiers (UDIDs) were allegedly taken from an FBI laptop.

The UDID was being used for a long time as as a device identifier by developers, so the information could have come from just about anywhere. Apple no longer accept apps that use it, and are removing developer access to it in iOS 6.

Not just UDIDs but full names, cell phone numbers, addresses and zip codes.
They stripped them out before released the information.
You can download the list and check to see if you're listed on it etc..


bit more on it here

http://www.forbes.com/sites/parmyolson/2012/09/04/fbi-agents-laptop-hacked-to-grab-12-million-apple-ids-anonymous-claims/

Here you can check via a website if your UDID is one of those 12 million..also shows you how to find it..
http://thenextweb.com/apple/2012/09/04/heres-check-apple-device-udid-compromised-antisec-leak/

CathalDublin

Who really cares if there's a csv file with your address/udid? there are no passwords in this file.
I'm sure most peoples names/address/phone numbers/etc are on multiple servers across the internet in databases from buying stuff online stores/ebay/etc.
Typing your UDID into that site is surly giving it away for the site owner to record anyway, who's to say that site's not recording it along with your ip address

Blazer

CathalDublin wrote: »

Who really cares if there's a csv file with your address/udid? there are no passwords in this file.
I'm sure most peoples names/address/phone numbers/etc are on multiple servers across the internet in databases from buying stuff online stores/ebay/etc.
Typing your UDID into that site is surly giving it away for the site owner to record anyway, who's to say that site's not recording it along with your ip address

Because they specifically say they're not. No site in their right mind would advertise this and state they're not collecting UDIDs and lie about it.
Not everyone's out to get you

CathalDublin

Blazer wrote: »

Because they specifically say they're not. No site in their right mind would advertise this and state they're not collecting UDIDs and lie about it.
Not everyone's out to get you

Just saying if someones worried about their udid being on some list why type it into a form on a website not using ssl

Sad Professor

If one thing is apparent from reading this thread it's that most people don't know what a UDID is or think it's the same as their Apple ID.

ShadowHearth

Sad Professor wrote: »

If one thing is apparent from reading this thread it's that most people don't know what a UDID is or think it's the same as their Apple ID.

Right, they have all information on individual, but not his password to account. So we can all live in peace now? So you don't mind that all of your personal data, info, address, name, phone number in some third parties hands? Even better, someone can enter your name on some website and get all your details.

I did not do this thread just to be some anti apple fanboy ( I am using iPhone myself ), but now I think I really can see what a creature apple fanboy is. It will defend apple even of it will sell his family to slavery. Surely it's not apples fault. It's business as usual.

Ofc all this is not handy to apple, they will refuse any liability for that, because they need to look good as the new iPhone 5 is coming out.

Sad Professor

ShadowHearth wrote: »

Right, they have all information on individual, but not his password to account. So we can all live in peace now? So you don't mind that all of your personal data, info, address, name, phone number in some third parties hands? Even better, someone can enter your name on some website and get all your details.

I did not do this thread just to be some anti apple fanboy ( I am using iPhone myself ), but now I think I really can see what a creature apple fanboy is. It will defend apple even of it will sell his family to slavery. Surely it's not apples fault. It's business as usual.

Ofc all this is not handy to apple, they will refuse any liability for that, because they need to look good as the new iPhone 5 is coming out.

I'll ignore the insults.

First of all, we don't know that the hacker has that additional data. He claims he does, but so far has only revealed a list of UDIDs and device names. But even if he does have it - so what? Have you ever ordered anything online or signed up to a website that required your name, address, etc? If yes, then this info is already out there and it doesn't require Apple or the FBI to screw up for somebody else to get it. This data could have come from anywhere. The hacker himself as already implied via Twitter that the data came from an app developer, which I suggested earlier and was attacked for.

ShadowHearth

Sad Professor wrote: »

I'll ignore the insults.

First of all, we don't know that the hacker has that additional data. He claims he does, but so far has only revealed a list of UDIDs and device names. But even if he does have it - so what? Have you ever ordered anything online or signed up to a website that required your name, address, etc? If yes, then this info is already out there and it doesn't require Apple or the FBI to screw up for somebody else to get it. This data could have come from anywhere. The hacker himself as already implied via Twitter that the data came from an app developer, which I suggested earlier and was attacked for.

It was not insult directed at you, but if you do feel insulted... Well... I won't go deeper in there.

So still, why app developer has all the date from apple, which was strictly confidential between user and apple?

Sad Professor

There's nothing to say it came from Apple, just this hacker's word. UDIDs could have have come from anywhere. A jailbreaking website or a site selling iOS beta access or (more likely) an app developer that previously made use of UDIDs as device IDs. No information has been revealed that only Apple would have had. In fact, it would have been far easier for the hacker to get this data elsewhere. Now that Apple no longer use them, a list of UDIDs would not be difficult to acquire.

guil

Sweet mother of Jesus. There's no way of knowing if they have any of the details or not and as far as I know developers get the UDID of a device that installs their app. The debs of eirtext and jellysms are members in here and I'm nearly certain one or both of them had a website or blog listing the phone numbers of devices with a pirated version of their app

Somecrimesitry

It seems the source for this was an app developer called Blue Toad Publishing in the US. The released data matches their own logs with a 98% accuracy:

http://www.macrumors.com/2012/09/10/blue-toad-publishing-company-admits-stolen-fbi-udids-came-from-them/