Apple and the FBI Play “Not Me!” in Latest Security Breach
AntiSec, a group associated with well-known troublemakers Anonymous, announced on Tuesday that they had accessed twelve million Apple product UDIDs (unique device identifier numbers) by hacking into an FBI agent’s laptop. One million of these ID’s were posted publicly online, and shortly afterward, through the AnonymousIRC Twitter handle, the group stated, “Remember we’re sitting on 3TB additional data. We have not even started.”
So, who’s to blame for the leak? Apple is denying any involvement, and the FBI is disputing the hack even occurred in the first place. It’s unclear what harm, if any, could be in store for Apple product owners included in this first leak (you can check here to see if you’re a victim) but the PR nightmare for both Apple and the FBI has already begun—despite their initial denials of being at fault. The info that AntiSec posted has already been authenticated as legitimate. What’s unclear is where they got the information, and if it was from an FBI agent’s laptop, what was he doing with it?
The laptop in question ironically belongs to special agent Christopher Strangl, a special agent involved with the NCFTA, a non-profit group designed to identify and prevent cyber threats. While groups like AntiSec and Anonymous have accessed some of the world’s (allegedly) most secure computers and servers in the past, this instance is particularly embarrassing if it’s in fact true. On Tuesday, the FBI was quick to release the following statement:
“The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed. At this time, there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data."
At first glance, it appears obvious that either Apple or the FBI has to be at fault here, but with last month’s claim by Anonymous to have hacked into Sony’s PlayStation Network proving to be a hoax, their believability absolutely comes into question. While in this most recent incident, the stolen data is authentic and in full view, simply taking Anonymous’ word for where they acquired it is no easier than accepting the statements by Apple and the FBI.
Until Apple, Anonymous, or the FBI presents the evidence needed to place the blame where it belongs, all three parties risk losing further credibility each day this story lingers.