Monday, September 10, 2012

Surrounded by FBI Officials, BlueToad CEO Admits Apple IDs Stolen from His Company

ORLANDO, Fla. (Bennington Vale Evening Transcript) -- During the first week of September, AntiSec -- an offshoot of the Anonymous hacker collective -- published over one million stolen Apple user IDs on the open web. Having one's personal information released publicly across the Internet would be frightening enough, but initial reports citing an FBI agent's laptop as the source of the compromised data elevated the concerns to legitimate panic. Security expert Peter Kruse validated the authenticity of the personal information in a tweet dated September 4: "Apple UDID leak is real. I have confirmed three of my devices in the leaked data." What remained unclear at the time were AntiSec's claims that the IDs had been discovered and subsequently pilfered from a federal agency. Why the FBI would have an extensive collection of device identifiers lingers as the most disturbing question in the investigation. On Monday, however, a software company based in Florida admitted the stolen profiles had come from its databases. Surrounded by a cadre of armed FBI agents in a show of support and contrition, BlueToad Inc. CEO Paul DeHart said, "We want to apologize, announce what happened and set the record straight."

According to the company's website, BlueToad is an electronic publishing firm "providing Digital Editions and Mobile Apps to publishers worldwide." The Apple device IDs were resident in BlueToad's systems because of the apps the company develops and sells through iTunes. DeHart, sweating and visibly anxious compared to the FBI officials beside him, revealed that the company experiences over 1,000 hacking attempts a day, though none have been successful to this point.

FBI spokesman Barris McLean confirmed DeHart's assertion, telling reporters "it certainly does appear that BlueToad was where the information was actually compromised."

Reading from a note card handed to him by McLean, DeHart said,"The false reports about the FBI were clearly fabricated by AntiSec to promote its conspiratorial agenda. How the FBI would have obtained such data, or why it would want access to a private citizen's personal records, are questions that seem ridiculous."

Continuing to read his prepared statement, DeHart added that "it's certainly not as though the United States would ever monitor the private communications of its people, or has the legal authority to conduct roving wiretaps or other surveillance maneuvers under any piece of existing legislation. The fault is entirely BlueToad's. I bear personal responsibility for my utter incompetence and failure to protect our servers -- and our customer's information -- better. Accusing the FBI of collecting consumer data should seem to most Americans as ludicrous as implying that the TSA indiscriminately gropes travelers or violates their privacy. We are working closely with authorities to close this investigation."

(c) 2012. See disclaimers.