App Publishing Company is the Source of UDID Leaks

After last week’s leak containing millions of active UDIDs (Unique Device Identifiers), App Store publishing company BlueToad has come forward, stating that the UDIDs were stolen from their servers two weeks ago.

The UDIDs, which are almost completely harmless in almost every case, were targeted by unknown “cyber criminals,” and the CEO has posted a blog post on their website:

A little more than a week ago, BlueToad was the victim of a criminal cyber attack, which resulted in the theft of Apple UDIDs from our systems.  Shortly thereafter, an unknown group posted these UDIDs on the Internet.

At BlueToad, we understand the importance of protecting the safety and security of information contained on our systems.

Although we successfully defend against thousands of cyber attacks each day, this determined criminal attack ultimately resulted in a breach to a portion of our systems.

BlueToad mostly acts as a contractor for larger companies, creating apps useful for only a specific subset of people. UDIDs are being officially phased out in iOS 6 by Apple, in favor of a more secure, less personal way of identifying devices.

Post a response / What do you think?