Nicole Perlroth writes for the New York Times:
An Orlando company said on Monday that it — not the F.B.I. — was the source of a file hackers posted online last week that contained a million identification numbers for Apple mobile devices.
The company, BlueToad, which works with thousands of publishers to translate printed content into digital and mobile formats, said hackers had breached its systems more than a week ago and stolen the file. A few days after the file appeared online, the company realized it matched the stolen information, said Paul DeHart, BlueToad’s chief executive.
For their part, Apple is depreciating the use of UDIDs in iOS 6, which should prevent this sort of thing happening in the future. It’s another sobering reminder of the access developers can have, if they want it, and the decision of us as users to avoid giving over this information in the first place.