Apple’s developer website has been offline since Thursday because a hacker gained unauthorised access and, according to Apple, ‘attempted to secure personal information of our registered developers.’
In an email to developers yesterday, Apple said:
Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.
It added that it was ‘overhauling’ developer systems, including the web server and user database and said that to hoped to have the site back up soon.
Responsibility for the intrusion was claimed today by Ibrahim Balic who, in a comment made on Tech Crunch, described himself as a security researcher. Balic claimed that he found 13 bugs on the site and that one of them allowed him to access members’ details. He took the details of 73 members, all Apple employees, and sent them to Apple to illustrate that he had gained access.
‘I didn’t attempt to publish or have not shared this situation with anybody else. My aim was to report bugs and collect the datas for the porpoise [sic] of seeing how deep I can go within this scope,’ said Balic.
