In April 2026, the FBI apprehended an individual associated with the Scattered Spider group, who had concealed his online activities using a VPN. His efforts were thwarted by the GDID, a 64-bit Persistent Unique Identifier assigned by Microsoft upon logging into Windows. The GDID is stored in plain text in the registry and is linked to Microsoft’s servers, remaining unaffected by changes to IP addresses or attempts to delete it. Disabling Windows telemetry does not prevent the GDID from being accessed, as it operates through other services. To mitigate its transmission, users can disable certain services and modify the hosts file, although the GDID itself remains stored on Microsoft’s servers. Scripts are available on GitHub to audit and implement changes regarding the GDID. Transitioning to a local account does not guarantee anonymity, and for sensitive activities, using a live Linux system is recommended for better data control.