"During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java," the hackers claim.
"During the shell session some files were downloaded from his Desktop folder one of them with the name of 'NCFTA_iOS_devices_intel.csv' turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no
other file on the same folder makes mention about this list or its purpose."
According to the hackers' statement, the point of publishing a redacted list of only one million UDIDs, Apple Push Notification Service DevTokens, device names and device types was not to compromise Apple users in any way, but to make them and everybody else realize that the FBI is likely using the device information to track citizens.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.