Apple Says Its Developer Site Was Hacked

Thanks;Ian Sherr

Apple Inc. told software developers that its website for them had been hacked and some information may have been stolen.
In response to the attack, which took place Thursday, the company said it is overhauling its developer systems, updating software and rebuilding its database.

Associated Press
Developers look over new apps being displayed on iPads at the Apple’s Worldwide Developers Conference in San Francisco in June.
In an email sent to the developers, Apple said an intruder attempted to secure personal information from the website. It also said that “sensitive” personal information on the site is encrypted and cannot be accessed and that information associated with its customers wasn’t affected.
“However, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed,” the company wrote.
Apple said it took the site down Thursday and has been working around the clock since then in response to the attack. “In the spirit of transparency, we want to inform you of the issue,” the email said.
The company didn’t say how many developers might have been affected by the attack. But large numbers of people work on creating software for Apple’s popular iPhones and iPads as well as its Mac computers. The company says there are 275,000 registered developers for its mobile devices.
The developer connection website contains pre-release software, technology for testing new programs and information about how to code applications for the company’s various products. Apple is currently completing work on new versions of its iOS mobile operating system and its Mac software.
The company hadn’t previously explained why the website became inaccessible Thursday. Some online publications reported that developers said their passwords had been reset.
Apple had largely been spared the high-profile break-ins that have afflicted some other companies. Sony was attacked in 2011, for example, causing more than 100 million of its customer’s accounts to be compromised. Hacking groups, including the loosely organized Internet political group Anonymous, attacked the systems of various other companies including Nintendo, and government affiliates and agencies.
Apple assured developers that it is “completely overhauling” its developer systems, updating software and working on its databases.
“In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.”
Apple declined to provide any information about who attacked them, nor whether it was working with any government agencies or outside investigative teams.
“The website that was breached is not associated with any customer information,” Tom Neumayr, an Apple spokesman said. “Additionally, customer information is securely encrypted.”
David Barnard, founder of App Cubby, a company that makes apps for Apple’s devices, said having the site down is an inconvenience. But he said he is not worried about the lost data, since he uses a UPS mailbox for his address and a unique password that could not be used to tap into other sites.
One potential worry is if the attacker got access to his company’s employer identification number, the equivalent of a social security number for businesses, “but from what I understand that data is stored in a completely separate system and was not compromised,” Barnard said.