Apple's Developer Center took a hit Thursday in the form of a security breach, leading the company to take the site down for a record amount of time. At first the company played it off as simple “maintenance” that was taking longer than expected, but Sunday afternoon finally confirmed the unwanted news.
Developers and consumers alike were left hoping they the hackers didn't compromise much data. Sadly, Apple has left us all in the dark on what exactly is at threat by this breach, but the company did confirm that consumer iTunes accounts and credit cards were safe.. Apple did, however, highlight some data that “may have been accessed”, including developers' names, addresses and email addresses.
The company reports to TechCrunch:
The hack only affected developer accounts
Credit card data was not compromised
They waited three days to alert developers because they were trying to figure out exactly what data was exposed
There is no time table yet for when the Dev Center will return
After the data of the attack is assessed, the next step is to figure out who is behind the server breach – which may have already found out. Ibrahim Balic, a claimed security researcher, reports that he made Apple aware of 13 bugs have been found in the website. Better yet, that was only four hours before the Dev Center was taken down.
Balic posted a video talking about the ordeal, but has since made the video private, tweeting that “the video is now removed from youtube, I [apologize] for sharing some of the confidential information, I had to, to prove the blames wrong.” Furthermore, CNN has just reached out to him to chat about the vulnerabilities in Dev Center – I smell the perpetrator.
Soon after the attack, it looks like Balic's brain finally kicked in. Most likely out of fear, the researcher didn't mean to harm or damage Apple, but to see “how deep I can go within this scope.”
Developer's information that may have been accessed, Apple is extending their developers membership along with keeping their app in the App Store.
Apple is working on the website now, but it probably will take some time to get it back up and running safely.
blog comments powered by Disqus