Anonymous hacks "FBI Notebook" - Actually a leak from Blue Toad

[LoHi]

http://redtape.nbcnews.com/_news/2012/09/10/13781440-exclusive-the-real-source-of-apple-device-ids-leaked-by-anonymous-last-week
AntiSec Press Release: http://pastebin.com/DTKiSgL2

A small Florida publishing company says the million-record database of Apple gadget identifiers released last week by the hacker group Anonymous was stolen from its servers two weeks ago.  The admission, delivered by the company’s CEO exclusively to NBC News, contradicts Anonymous' claim that the hacker group stole the data from an FBI agent's laptop in March.
   Paul DeHart, CEO of the Blue Toad publishing company, told NBC News that technicians at his firm downloaded the data released by Anonymous and compared it to the company's own database. The analysis found a 98 percent correlation between the two datasets.


Old:
http://pastebin.com/nfVT7b0Z

During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of "NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zip codes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incomplete on many parts. no other file on the same folder makes mention about this list or its purpose.

[Reece]

Apple Device UDID, Apple Push Notification Service DevToken, Device Name,
Device Type.  =/= personal data

They haven't released any personal info.

[[WS]Jacob]

They use the information as a negotiation tool. "If you don't do this, we'll do this." As this is a large amount of personal data the government and authorities will want to stop the information being released.

[LoHi]

Apple Device UDID, Apple Push Notification Service DevToken, Device Name,
Device Type.  =/= personal data

They haven't released any personal info.

http://corte.si/posts/security/udid-leak.html

[Reece]

So? No Private info has been leaked yet.

[Kirgiz]

So? No Private info has been leaked yet.

By using those bits of information you can get up to gather a lot of private information later on if you're skilled at it.

If you remember, people at 4chan basically tracked down the guy who stood on the TacoBell's salad and got him fired.

[LoHi]

So? No Private info has been leaked yet.

Are you serious? I can identify your phone, what apps you have used, even access your Facebook/Twitter account, and you can say that?

[Reece]

Are you serious?

Yes.

I can identify your phone

Mine isn't in the list, so no, you can't. It's a UID, it has no identifying information.

what apps you have used

And? How is this personal info?

Aaccess your Facebook/Twitter account

No you can't.

and you can say that?

Exactly.

[Ted]

See, do not buy over priced crap from Apple.

[Hidduh]

See, do not buy over priced crap from Apple.

Are you serious?

Like this could only happen with Apple products..

Are you serious? I can identify your phone, what apps you have used, even access your Facebook/Twitter account, and you can say that?

No you can't.

[Teddy]

This is from a former breach.
The breach was not of the FBI as popularly told, but a third party contractor for the FBI that stores their data.

[[WS]Jacob]

The FBI now denies any link saying there's "no evidence" that any material has been stolen through an agent's laptop.

[LoHi]

Yes.

Mine isn't in the list, so no, you can't. It's a UID, it has no identifying information.

And? How is this personal info?

No you can't.

Exactly.

I apologise if it was hard to understand my statement. I did not mean YOU, but as an example, I still used the short word instead of using "someones". I don't know what is personal to you, but for me it's kind of a big deal if someone knows what I'm doing with my phone (like knowing what programs you use on your computer).

The vulnerabilities ranged from de-anonymization, to takeover of the user's gaming social network account, to the ability to completely take over the user's Facebook and Twitter accounts using just a UDID.

It seems that you didn't even read my arguments, but hopefully you can come up with something less embarrassing in reply.

This is from a former breach.
The breach was not of the FBI as popularly told, but a third party contractor for the FBI that stores their data.

Link the source and I'll update the first post.

[Mikal]

This is from a former breach.
The breach was not of the FBI as popularly told, but a third party contractor for the FBI that stores their data.

The FBI trusts someone other than themselves with their information? Flawed agency..

[Kirgiz]

The FBI trusts someone other than themselves with their information? Flawed agency..

More like blatant bullshit