Apple’s developer website has been hacked. This was revealed by Apple in an email to registered developers, saying that sensitive emails, names, and physical addresses could have been compromised, and that it took the website down on Thursday to prevent any further damage.
The last time Apple’s developer website went down it was due to a rush on the company’s iOS 7 beta release in early June.
This week’s outage, however, was longer-lived for much of a day and for a much more damaging reason. Below is the notice left on their website.
Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.
In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.
Previous Apple hacks have all been clientside, often through vulnerabilities in the Java software the company used to ship with OS X, and occasionally via social-engineering attacks on iCloud passwords. This is potentially a much more serious issue, as there are 300,000 iOS developers in the U.S. alone, and probably well over a million globally.
Source: Venture Beat