Intruders attack Apple developer website
22 Jul 2013
After an attempt last week by intruders to steal sensitive information, Apple Inc's main website for developers, has remained shut. The iPhone maker has taken the time to overhaul its database and server software to prevent future breaches.
Last Thursday's intrusion came as a rare cyber attack on the US company's network, at a time when third-party developers were testing their apps on Apple's iOS 7 – a smartphone and tablet platform set to launch in the fall.
Apple's developer site also houses sensitive financial information, which is encrypted.
Apple said yesterday that no customer information had been compromised, but would not rule out the possibility of developers' names, mailing addresses, and email addresses having been accessed.
According to an Apple spokesman the breached website that was not associated with any customer information.
It was not clear as to how much, if any, data was compromised and it was not possible to indentify the intruders. The company also had no comment on their identity.
The company told developers on its website that sensitive personal information was encrypted and could not be accessed, however, it had not been able to rule out the possibility that some developers' names, mailing addresses, and/or email addresses may have been accessed.
''To prevent a security threat like this from happening again, we're completely overhauling our developer systems, updating our server software, and rebuilding our entire database,'' Apple said in a statement, adding that the developer website will be up and running soon.
The developer portal - which is used by developers to manage their accounts and attend to matters related to the programming and distribution of apps - also hosts Apple's developer forums, API documentation, and more.
Apple was largely tightlipped about the downtime until Sunday, even as many developers turned to Twitter to vent their frustration with the situation, growing increasingly nervous as the outage continued.
A number of developers had concerns that their apps might get pulled from the App Store, since they could not log in to renew their developer accounts. The company finally clarified that developers facing that specific situation had no reason to worry.
Apple confirmed to Macworld, a leading site dealing the Mac ecosystem, that the breached website was not associated with any customer information; all customer information was securely encrypted, a company spokesperson said.
Apple also said the attacker also did not have access to app code, or the servers where app information was stored but declined comment on whether legal authorities were involved in its investigation of the hack.
