As you might have expected the FBI has categorically denied the whole thing. They are denying that any breach too place, that they had the data and even that there are any reasons for the FBI to have ever had that type of data. Their statement is about what you would expect: “The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed. At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data”
Many think that the original announcement of the breach and data theft were meant to embarrass the FBI in one way or another. IF that is the case then mission accomplished at this point no matter what. The reports are out and as we all know the internet has a very loooon memory. Still there is also evidence that this is a very real breach. AntiSec does not have a history of making false claims about data collected and they have found other “interesting” information that has been in the possession of law enforcement before. It is also no secret that most carriers cooperate with agencies like the FBI, DHS, DEA, NSA and the rest of the US Government Law Enforcement alphabet soup.
The possibility that this is a real breach and not a false list from some rouge app is becoming more likely as more information is released. There is even a new “leak” that appears to list Mac Addresses for computers at the FBI as well as extensions for specific people. The validity of this information is still suspect, but if it came from the same source as the first data is would appear to prove the original AntiSec claims. At this point the exercise is about more than embarrassment and could actually be about the collection of personal data by the FBI without a warrant or any other probable cause.
We would never expect any agency to admit they had done something as unethical as collecting vast amount of personal data on people not under any legal investigation so the denial by the FBI does not count for much in this case. We also cannot currently confirm the AntiSec breach and data, it appears to be valid, but no one we have contacted has responded to state that the UDIDs are real. Of course, it is unlikely that Apple or any carrier would ever validate the information anyway as it would clearly show the risks of having UDIDs and of allowing personal information to be attached to them.
AntiSec has said they will not make any further comments on this until Gawker journalist Adrian Chen posted a picture of himself on the front page of the Gawker website wearing a tutu and a shoe on his head. As this has been done, we can only hope that we will get more confirmation on this one way or the other in the very near future. We have a sneaky suspicion that the breach is very real, but there is a twist to this that we are all missing…
Discuss this in our Forum