Apple on Sunday said in an email to developers that a recent days-long developer portal outage was the result of a security breach in which data may have been compromised. “Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website,” Apple said in the email. “Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed.” According to 9to5Mac, security researcher Ibrahim Balic claims to have warned Apple of a major security hole just hours before the company took its developer portal offline. Balic says he was able to access first and last names of developers along with Apple IDs,email addresses and user IDs. A video from Balic follows below along with Apple’s full email to developers.
Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.
In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.
