The FBI has disputed a claim that it holds identification data on millions of Apple device owners, after hackers said they accessed the information on an agent’s laptop.
Hackers from the group AntiSec posted a link to a database of more than one million unique device identification numbers (UDIDs) for Apple devices – which could include iPhones and iPads.
It claimed the list was part of 12 million UDIDs stolen from an FBI cybercrime agent working alongside the non-profit National Cyber-Forensics and Training Alliance.
The hackers also released the name of the agent it allegedly stole the data from.
The FBI took to Twitter to deny the claims and said: “Statement soon on reports that one of our laptops with personal info was hacked. We never had info in question. Bottom Line: TOTALLY FALSE.”
Hacking group Anonymous responded and said: “You know you’re doing something right if @FBIPressOffice throws caps at you on twitter to deny an #Anonymous statement.”
Shortly afterwards the agency issued a further response in a statement which said: “The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed,” the agency said.
“At this time, there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”
Anonymous then posted a link to a database and claimed Apple owners could enter their own UDID in the URL address to see if their device was on the list.
FBI officials there said they could not verify the validity of the data that AntiSec released.
US officials also warned that computer users should be careful when clicking on such links because they may contain malware that can infect computers.
Dell SecureWorks security researcher Joe Stewart tested the link and did not find any connection to malware.
Apple has not commented.
Apple’s UDIDs allow the firm and application developers know which devices run which apps.
For example, the numbers allow game developers to keep track of users’ high scores.
Besides the identification numbers, the information posted by AntiSec apparently has the name that a person entered during the initial setup, and the device type such as iPhone, iPad or iPod Touch.
If linked with other information such as a name or address, the numbers could be used as a way to get at other more sensitive data.
But knowing the number does not enable the FBI to track or eavesdrop on people.
Loosely aligned hackers working under umbrella names of Anonymous and LulzSec have been linked to a number of high profile computer attacks, including many that were meant to embarrass governments and corporations.
Earlier this year, FBI agents arrested several hackers tied to the group and in the process revealed that LulzSec’s reputed leader, Hector “Sabu” Monsegur, was an alleged FBI informant.