In a clearly worded acknowledgment, digital publishing firm BlueToad confirmed that it was the source of Apple UDID leaks reported last week, Reuters reported.
A hacker group by name AntiSec released over 1 million Apple Unique Device Identifiers (UDIDs) on Sept. 3, which it claimed to have taken from a file found on an FBI laptop. Even as the FBI denied the claim, the security breach created waves as to how the hacking group was able to access such important information from a highly secure source.
As various theories were doing the rounds regarding the hacking incident, the publishing firm BlueToad finally broke the silence when Paul DeHart, CEO and president of BlueToad wrote in a blog post: "A little more than a week ago, Bluetoad was the victim of a criminal cyber attack, which resulted in the theft of Apple UDIDs from our systems. Shortly thereafter, an unknown group posted these UDIDs on the Internet."
Speaking to Reuters, DeHart stated: "We want to apologize, announce what happened and set the record straight."
"When we discovered that we were the likely source of the information in question, we immediately reached out to law enforcement to inform them and to cooperate with their ongoing criminal investigation. We have fixed the vulnerability and are working around the clock to ensure that a security breach doesn't happen again," DeHart told eweek.
Though NBC News first reported the BlueToad link on Sept. 10, BlueToad's statements appeared to contradict several claims made by the hacker group that leaked the data.
The Inquirer noted in a report that BlueToad, which successfully defends itself against thousands of such cyberattacks each day, got hacked into as this particular attack seemed more determined and effective.
The blog post from DeHart also shared that no sensitive personal information such as credit card data was lost and the practice of storing Apple UDIDs was discontinued a few months ago, The Inquirer added.