Activists with hacker skills were behind more than half the data stolen in cyber attacks last year. Photo: AFP/adashi/shutterstock.com
A hacker group has claimed to have obtained personal data from 12 million Apple iPhone and iPad users by breaching an FBI computer, raising concerns about government tracking.
The group called AntiSec, linked to the hacking collective known as Anonymous, posted one million Apple user identifiers claimed to be part of a larger group of 12 million, purportedly obtained from an FBI laptop.
Contacted by AFP, FBI spokeswoman Jenny Shearer said: "We're not commenting."
Peter Kruse, an ecrime specialist with CSIS Security Group in Denmark, said on Twitter that the leak "is real" and that he confirmed three of his own devices in the leaked data.
"Also notice that they claim to have fullname, addresses, phone numbers etc... Big ouch!" he tweeted.
Eric Hemmendinger, a security expert with Tata Communications, said the report raises concerns about the protectors of cybersecurity.
"The question is not whether it's accurate, it is why did the feds have the information and why did they not take due care to secure it," he told AFP.
Hemmendinger said that based on past reports from Anonymous and related groups, he believes the report is probably true.
"If you work in cybersecurity and your machine gets hacked, that's a pretty embarrassing scenario," he said.
Apple did not immediately respond to a request for comment.
Social media and news blogs were aflutter with the news. The tech blog Geekosystem called it "one of the worst privacy disasters yet" and various Twitter comments said the news suggested the FBI is tracking Apple users.
One website set up a database to help users determine if their device was on the hacked list of Apple unique device IDs (UDIDs).
"Quite why the FBI was collecting the UDIDs and personal information of millions of iPhone and iPad users is not yet clear -- but it's obvious that the data (and the computer it was apparently stored on) was not adequately secured," said Graham Cluley of the British security firm Sophos.
"My suspicion is that the hackers were more interested in embarrassing the FBI's team than endangering innocent users. All the same, hacking into computers is a criminal act -- and I would anticipate that the FBI and other law enforcement agencies will be keen to hunt down those responsible."
Others expressed concern about the apparent leak.
"Since UDIDs are unique to each iPhone and iPad, having yours end up in the wrong hands is a concern," said Josh Ong on the technology blog The Next Web.