Tuesday, July 23, 2013

Apple Developer site hack: Turkish security researcher claims responsibility

Turkish security researcher claims to have found flaw in system, which has been offline since Thursday as company 'rebuilds and strengthens' security around databases.

Apple says its Developer portal has been hacked and that some information about its 275,000 registered third-party developers who use it may have been stolen.
The portal at developer.apple.com had been offline since Thursday without explanation, raising speculation among developers first that it had suffered a disastrous database crash, and then that it had been hacked.
A Turkish security researcher, Ibrahim Balic, claims that he was behind the "hack" but insisted that his intention was to demonstrate that Apple's system was leaking user information. He posted a video on Youtubewhich appears to show that the site was vulnerable to an attack, but adding "I have reported all the bugs I found to the company and waited for approval." A screenshot in the video showed a bug filed on 19 July - the same day the site was taken down - saying "Data leaks user information. I think you should fix it as soon as possible."
More here: http://www.guardian.co.uk/technology/2013/jul/22/apple-developer-site-hacked

No comments: