July 22, 2013
Hackers Take Down Apple’s Developer Portal
Enid Burns for redOrbit.com - Your Universe Online
Developers for a number of Apple products, including iOS and Mac-related apps and software, noticed that Apple was hacked last week. The Apple developer portal went down on Thursday and is still experiencing an outage.
Apple confirmed on Sunday that the site is down due to hackers. A message on the page says "We'll be back soon," and went on to explain the outage for the sake of transparency.
"Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers' names, mailing addresses and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then," the site states.
Apple is currently conducting maintenance on the portal to make sure that when the site does go back online, it will have more reinforcements than ever to protect against hackers.
"In order to prevent a security threat like this from happening again, we're completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon," the site said.
Developers use the portal to manage their accounts and resolve issues with programming and distribution of apps. The site also hosts Apple's developer forums, API documentation and other information for developers creating for Apple platforms.
The hack attack was confirmed by Macworld, which also confirmed that the portion of the website that was breached did not contain customer information. "The attacker also did not have access to app code, or the servers where app information is stored, Apple told Macworld. The company declined to comment on whether legal authorities were involved in its investigation of the hack," the article reported.
However, when Apple shut the website down, it provided no explanation for three days, wrote TechCrunch. While the breech occurred on Thursday, it was Sunday before the reason for the outage was provided. Apparently, Apple chose to wait to provide an explanation until it had determined exactly what data were exposed. However, the message appears to say that Apple is still working to confirm exactly what data was leaked.
Developers that need to renew their licenses will get an extension while the disruption continues.
"If your program membership was set to expire during this period, it has been extended and your app will remain on the App Store," the message on the portal website said. Developers are instructed to contact Apple with any questions.
Apple has yet to provide a timetable for when the site will be back up and running.
Apple's developer website has been down before. "The last time Apple's developer website went down, it was due to a rush on the company's iOS 7 beta release in early June," VentureBeat reported.
"Previous Apple hacks have all been clientside, often through vulnerabilities in the Java software the company used to ship with OS X, and occasionally via social-engineering attacks on iCloud passwords. This is potentially a much more serious issue, as there are 300,000 iOS developers in the US alone, and probably well over a million globally," wrote VentureBeat.