Published October 22, 2015
It’s a tale worthy of Mission: Impossible. And it may be a tall tale after all.
A list posted anonymously online containing the personal information of millions of Apple users was stolen not from under the noses of the FBI itself but from a Florida software company, NBC News reported on Monday.
A hacker group affiliated with Anonymous had posted a link to the database earlier this week. A note claimed the data was stolen in the still of the night from the laptop of an FBI agent in a Tennessee branch office -- and questioning why the FBI was tracking Apple users and gathering such information at all. Paul DeHart, CEO of Blue Toad publishing company, told NBC News that software technicians within his company had confirmed the real source of the data: Blue Toad’s computers.
"[We're at the] 100 percent confidence level, it's our data," DeHart said. "As soon as we found out we were involved and victimized, we approached the appropriate law enforcement officials, and we began to take steps to come forward, clear the record and take responsibility for this.”
In an open letter published Monday on the company's website, DeHart offered more details, and an apology to users for the breach of security.
"BlueToad believes the risk that the stolen data can be used to harm app users is very low. But that certainly doesn’t lessen our resolve to ensure that all data is protected and kept from those who seek to illegally obtain it."
Blue Toad builds custom apps for thousands of different publishers and serves 100 million page views each month, according to NBC News. And as an app publisher, the company would be in a position to have such a database of device IDs, Apple said.
"As an app developer, BlueToad would have access to a user's device information such as UDID, device name and type," Apple spokeswoman Trudy Mullter told NBC News. "Developers do not have access to users' account information, passwords or credit card information, unless a user specifically elects to provide that information to the developer."
Apple last week denied giving the FBI any information, telling AllThingsD that the source of the data simply couldn’t be the FBI.
“The FBI has not requested this information from Apple, nor have we provided it to the FBI or any organization,” Apple spokeswoman Natalie Kerris said. The NBC report confirms that earlier statement, as well as an FBI statement labelling the Anonymous claims false.
“The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed," a spokeswoman told FoxNews.com. "At this time, there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”