Apple has released a statement noting that an intruder attempted to access its developer website last Thursday, with the hacker attempting to secure personal information from developers. Although sensitive information was encrypted, the company notes “we have not been able to rule out the possibility that some developers’ names, mailing addresses and/or email addresses may have been accessed.” The site has been down since Thursday, and Apple says it’s overhauling developer systems, updating server software and rebuilding its database.
App updates, new releases, and behind-the-scenes developer account issues will be impacted by the hack; it’s also possible that the latest iOS 7 beta release may be delayed as a result.
A security researcher, Ibrahim Balić, claims that he reported a security hole in Apple’s developer portal hours before the site went down, according to 9to5Mac.
Balić claims he could access names, Apple IDs/email addresses, and user IDs through a “simple unescaped injection attack.” According to the report, Balić says he did this “for security research purposes and does not plan to use the information in any malicious manner,” and he plans on deleting the information.
.
