The hacking collective AntiSec said to prove its claim it had posted on the Internet a sample of one million user identities in the form of unique device IDs (UDID) of Apple iPhones and iPads, which are 40 typographic characters long.

AntiSec, a movement which rejects pressure from computer software security firms on customers to fully disclose private details, said its evidence was obtained in March from a notebook PC of a FBI operative who worked at a cyber policing center in New York.

Inside the stolen data file, said AntiSec, was a tabular list of 12.3 million UDIDs.

The Internet blog 'geekosystem' said, if proven, the disclosure by AntiSec could be "one of the worst data privacy disasters yet."

It added that, if accurate, the file could point to the National Cyber-Forensics & Training Alliance, a non-profit, public-private corporation set up to fight cyber crime.

Experts seek verification

Although it was unclear whether the FBI had been tracking Apple users, the British security firm Sophos said it was obvious that the FBI data was not adequately stored.

"Hacking into computers is a criminal act -- and I would anticipate that the FBI and other law enforcement agencies will be keen to hunt down those responsible," said Sophos spokesman Graham Cluley.

Commenting via a social network service, Peter Kruse, an e-crime specialist with CSIS Security Group in Denmark, said the leak was "real" and that he had found three of his own devices listed in the leaked data.

"Also notice that they claim to have full name, addresses, phone numbers etc..," Kruse said.

But Johannes Ullrich of the SANS Internet Storm Center told the news agency AFP that it was difficult to verify the AntiSec claim.

"There is nothing else in the file that would implicate the FBI. So this data may very well come from another source."

"The size of the file...  would imply a widespread, not a targeted tracking operation, or the file was just kept in case any of the users in the file needs to be tracked," Ullrich said.

AntiSec claimed that government services were hunting hackers world-wide while at the same time recruiting hackers to pursue political agendas within government circles.

ipj/mz (dpa, AFP)