Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Apple’s iOS developer site has been offline for about three days. The reason? A security breach.
TechCrunch’s Greg Kumparak reported, “After 3 days of silence as to why the iOS Developer Center has been down, Apple has just confirmed that they are investigating a security breach.”
Macworld quoted the email regarding the incident that Apple sent to developers. It said:
Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.
In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.
According to The Guardian’s Charles Arthur, “A Turkish security researcher, Ibrahim Balic, claims that he was behind the ‘hack’ but insisted that his intention was to demonstrate that Apple’s system was leaking user information. He posted a video on Youtube which appears to show that the site was vulnerable to an attack, but adding ‘I have reported all the bugs I found to the company and waited for approval.’ A screenshot in the video showed a bug filed on 19 July – the same day the site was taken down – saying ‘Data leaks user information. I think you should fix it as soon as possible.'”
AppleInsider added, “Balic said he found a total of 13 bugs on Apple’s site, one of which provided him with access to user information. He claims to have taken 73 user details — all of whom are Apple employees — and given them to the company as an example.”
