UPDATED 13:11 EST / JULY 22 2013

NEWS

Apple Admits Breached Dev Center, Key Developer Information May Be At Risk

After Apple’s Developer Center was taken offline on Thursday, the company called it extended site maintenance; but recently, Apple admitted that the Developer Center was hacked, and hackers might have accessed the key developer information. The acclaimed iPhone manufacturer said that its website for third-party developers was hacked by “an intruder”, but customer information was not compromised. The site is currently being examined by Apple. Here’s what Apple said on its website:

“Apple Developer Website Update

Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.

In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.”

The company said that it would completely overhaul developer systems by updating its server software and rebuilding the entire database, so as to prevent any future security threats.

As of now, Apple has not clarified how many accounts have been breached by the hackers, the security concern cannot be ruled out as there are more than 300,000 registered developers currently working on creating software for the company’s iPhones, iPads, iPods and Mac computers. At least their personal information including name and email addresses would have gone.

“In the modern era, the Internet community is an important tool for companies to interact with developers producing 3rd party connectors,” says Kyt Dotson, DevOps editor. “As a result, a lot of information is stored on dev community sites not just for devs to use to produce products–but about devs themselves. Company information, personal information, and sometimes even source code or API documentation that might spread far and wide, as a result it’s a pretty glaring target for potential bad actors who want to take advantage of a product community.”

Apparently, Turkish ‘security researcher’, Ibrahim Balic, has claimed that he is behind the breach of Apple’s Developer Center. He insists that his intentions were honest and that he wanted to expose a flaw that he’d previously flagged up to Apple, with no response.

“My intention was not attacking. In total I found 13 bugs and reported [them] directly one by one to Apple straight away. Just after my reporting [the] dev center got closed. I have not heard anything from them, and they announced that they got attacked. My aim was to report bugs and collect the datas [sic] for the purpose of seeing how deep I can go with it,” Balic told.

We just hope that this breach is just to uncover the flaws in Apple’s Developer Center site, and absolutely not like the high-profile attacks conducted on PlayStation Network.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU