Apple developer website hacked, security being overhauled

By on July 22, 2013, 7:00 AM
apple, developer, hacking, security breach, intrusion

Update: Turkish security researcher Ibrahim Balic claims that he was behind the "hack" but insisted that his intention was to demonstrate that Apple's system was leaking user information, not cause any harm or steal sensitive information. His findings were submitted to Apple and details were posted to YouTube -- though the video has since been pulled. Apple took its developer site offline shortly after Balic sent in his report and has not been in contact with the researcher. Original story follows below.

Apple's developer website has been unavailable for the best part of four days, with the company revealing just today the cause of the extended downtime. In an email sent to developers, Apple explains that an "intruder" had accessed the developer portal in attempt to steal personal information from its users, and that although sensitive information was encrypted so it couldn't be accessed, the intruder may have accessed email addresses, mailing addresses and names.

Since Apple discovered the issue last Thursday, the company immediately shut down the website and began work "around the clock". The company is "completely overhauling [their] developer systems" as well as updating server software and rebuilding databases to ensure that a security threat such as this can't happen in the future. Additionally, company spokesperson Tom Neumayr told AllThingsD that "the website that was breached is not associated with any customer information".

The developer site forms a very important part of Apple's relations with app developers, as it allows access to various copies of development kits such as the iOS 7 beta. When the site originally went down on Thursday a notice was posted saying the site was down for maintenance, although now an updated message informs all developers of the cause of the maintenance while still preventing any access.

Meanwhile, a number of developers registered with the site have been reporting numerous password reset emails appearing in their inboxes, asking them to head to the Apple developer portal to change their password. With Apple revealing the security issue with the website, it's not surprising that these emails are being sent, and most importantly they should be ignored until the issue has been resolved.




User Comments: 5

Got something to say? Post a comment
1 person liked this | Guest said:

The company is "completely overhauling [their] developer systems" as well as updating server software and rebuilding databases to ensure that a security threat such as this can't happen in the future. Wow it is always nice when company wait to be hacked to update there servers software and put in more security. Way to go Apple, you rule!

Guest said:

Don't you love it when people who wouldn't know a thing about server software and security talk about it from the height of their supreme superiority! Just makes you proud to be human.

JC713 JC713 said:

Eh, I have to reset my password now...

Guest said:

Well, ubuntuforums was hacked as well... it's linux a little known OS :)

PinothyJ said:

Why are the emails, names and address NEVER encrypted??

This is all people ACTUALLY care about...

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.