Apple’s Developer Site Was Hacked

Last Thursday, the company took its site for software creators offline; now it's explaining why.

  • Share
  • Read Later

Last Thursday, Apple’s developer site — the place it uses to provide information and downloads to folks who write software for OS X and iOS — went down. As I write, it’s still offline — an uncommonly long time for an unplanned outage, especially given that developers are working with beta versions of the company’s operating systems, both of which are due to ship this fall.

But now Apple has finally offered a (brief) explanation of what’s up. (See message above.) The company says that an intruder tried to break into the site. It’s not sure whether the person in question got at any names, e-mail address or mailing addresses, but it says that unspecified “sensitive personal information” was encrypted. Here’s a little more detail from The Loop’s Jim Dalrymple, including the point that the information of normal, non-developer customers — that is, all of us with iTunes accounts — wasn’t at risk.

Apple also reports that it’s working around the clock to secure the site and the information it contains and hopes to be up and running “soon.” And it apologizes for the inconvenience.

Some people are already grumbling on Twitter about the time it took for Apple to disclose the breach; others are defending the delay. But it’s hard to come to any conclusions about how swiftly the company moved as long as we don’t know just when it figured out what had happened. Even though it’s the world’s most famously closed-mouthed tech company, I hope it releases more facts about the break-in once it’s bolstered its defenses.

[UPDATE: Via Marco Arment, a comment on a TechCrunch story from someone who claims to have found a bug which allowed him to access information on Apple developers. He says he notified Apple of his discovery shortly before the company shut down the developer site — and he includes a video, with jazzy music, showing off what he found.

The person in question says he’s a security researcher rather than a hacker, but he also seems to say he broke into Apple’s system. If you, like me, don’t consider “hacker” to be an inherently negative job description, he sure sounds like a hacker to me, assuming his claims are true.]