Received the following email from Apple this morning, 23rd July at 11:13 AEST -
Quote:
|
Originally Posted by Apple Inc
Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.
In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.
|
The Apple Developer web site has been offline since Thursday July 18th
for what Apple described as "maintenance".
However, the company waited 3 to 6 days before alerting developers that their personal
data may have been accessed.
Now, UK-based Turkish security researcher, Ibrahim Balic, has claimed
responsibility for the attacks, but insists it was for legitimate security research.
Balic claims he found 13 bugs with the Apple Developer web site that allowed him
to compromise it and was able to access "over 100,000+ user details".
Apple claims that whilst most of the compromised data was encrypted, that of the
developer's names were not.
Story here -
http://www.independent.co.uk/life-st...s-8725987.html