Apple’s Developer sites has been taken offline following a hack which may have exposed developers’ names, mailing addresses and/or email addresses.
Point yourself at Apple’s Developer portal and try to hit any of the “Dev Centers” and you’ll be greeted with a friendly message saying, “We’ll be back soon.” The site was hacked on July 18 and has been offline ever since; Apple said that while all the information accessed in the breach was encrypted, “we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed.”
“In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then,” the message states. “In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.”
Turkish security researcher Ibrahim Balic claimed responsibility for the attack but said he carried it out simply to demonstrate the weakness of Apple’s security. “My intention was not attacking. In total I found 13 bugs and reported [them] directly one by one to Apple straight away,” he told the Guardian. “Just after my reporting [the] dev center got closed. I have not heard anything from them, and they announced that they got attacked. My aim was to report bugs and collect the datas [sic] for the purpose of seeing how deep I can go with it.”
Apple has not commented on Balic’s involvement, nor has it given any indication as to when the Developer sites might be back online, but developers whose memberships were set to expire during the downtime will have them automatically extended to make up for the lost time.