1M Apple UDIDs stolen from Orlando company

Blue Toad says it has fixed 'vulnerability'

ORLANDO, Fla. – An Orlando-based software company that provides digital content solutions and apps to publishers and content creators worldwide was the victim of a criminal cyber attack in which more than 1 million Apple user IDs were stolen from their system and posted on the Internet.

The cyber attack made national headlines last week when the IDs were purported to have been stolen from an FBI laptop, and Blue Toad Inc. learned that the data in question belonged to them.

"At BlueToad, we understand the importance of protecting the safety and security of information contained on our systems," said Paul DeHart, CEO of Blue Toad.  "Although we successfully defend against thousands of cyber attacks each day, this determined criminal attack ultimately resulted in a breach to a portion of our systems."

DeHart explained that after comparing and analyzing data released by the hackers and his firm's own servers, the two data sets were nearly identical matches, suggesting the leak came from Blue Toad.

DeHart said the company contacted law enforcement immediately after learning of the breach.

"We have fixed the vulnerability and are working around the clock to ensure that a security breach doesn't happen again. In doing so, we have engaged an independent and nationally-recognized security assurance company to assist in our ongoing efforts," he said.  "We sincerely apologize to our partners, clients, publishers, employees and users of our apps. We take information security very seriously and have great respect and appreciation for the public's concern surrounding app and information privacy."

The illegally obtained information primarily consisted of Apple device names and UDIDs, not private data, the company said.

DeHart said he does not know who stole the data from his company or whether it had been shared with anyone else, but the CEO did clarify that his company does not collect highly sensitive personal information like credit cards, social security numbers, or medical data.

"We understand and respect the privacy concerns surrounding the data that was stolen from our system. BlueToad believes the risk that the stolen data can be used to harm app users is very low," DeHart said.  "But that certainly doesn't lessen our resolve to ensure that all data is protected and kept from those who seek to illegally obtain it."

Watch Local 6 News for more on this story.


Recommended Videos