App Publisher Takes Responsibility for Apple ID Hack

by Dan Holden | September 10, 2012


Who really stole nearly 1 million Apple device IDs last week? No one can be certain just yet, but we now know where the IDs were originally stored.  The CEO of Blue Toad Publishing said this morning that he was “100 percent confident” the IDs came from the app developer’s database.

The only remaining question is, how that data got out.

In a statement posted on his blog earlier today, Blue Toad CEO Paul DeHart said that an analyst from his company compared the released 40-character Unique Device IDs (UDISs) data against the company database and found a 98 percent correlation.

“That’s 100 percent confidence level, it’s our data,” DeHart later told NBC. “As soon as we found out we were involved and victimized, we approached the appropriate law enforcement officials, and we began to take steps to come forward, clear the record and take responsibility for this.”

But DeHart did not say how the data was compromised, or by whom, leaving open the possibility that the FBI did in fact obtain it.

Last week it was reported that the hacker group Anonymous took the data from the FBI.

Later, the hacker group AntiSec said that it was responsible, having compromised more than 12 million Apple UDIDs from an FBI staffer’s laptop.

Sources at the FBI denied that it ever had the data.

DeHart said the company does not collect sensitive data such as credit card numbers which would need to be paired with the UDIDs to make any sort of a viable threat to consumer security.

“BlueToad believes the risk that the stolen data can be used to harm app users is very low,” said DeHart.  “But that certainly doesn’t lessen our resolve to ensure that all data is protected and kept from those who seek to illegally obtain it.

“We will continue to monitor this situation and cooperate with law enforcement in the investigation of the parties responsible for this crime.”

Previous post:

Next post: