BlueToad Was Source of Leaked Apple Data, not FBI Laptop

The little-known app company that lost at least a million Apple Inc. iPhone and iPad identification numbers gathered the data from devices without protecting it and was still sending the data as of Monday.

The information was sent by the company, BlueToad Inc., in “cleartext”—without encryption to hide it—violating widely accepted computer-security practices. The identification numbers, device names and other information were then stored in a database that the company said was recently stolen by hackers.

The BlueToad breach is the latest in a series of events that have raised questions about the security and privacy of the fast-growing app economy. Many apps have been found taking data that users didn’t know about. In 2010, the Journal tested 100 iPhone and Android apps and found that more than half were transmitting identifying details without the user’s knowledge, and some were sending more personal information such as contact lists and location information. Since then, several other apps have been caught transmitting details about users without their knowledge.

The device ID number can allow a hacker to gain access to a user’s social networking accounts and other apps. As a result, Apple has long told developers that “for user security and privacy” they “must not publicly associate a device’s unique identifier with a user account.” And Apple last year began telling developers that it was going to phase out the use of UDIDs, in part because of these concerns.

Advertisements

About SCB Enterprises
System Solutions and Integration

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: