This article was published on July 22, 2013

Apple: Extended Developer Website outage due to security breach, some user info may have been exposed


Apple: Extended Developer Website outage due to security breach, some user info may have been exposed

Apple’s days-long Developer Center outages were due to a security breach according to an email sent out to developers today. The email was shared with The Next Web by Apple today, as it was sent out to developers.

Apple says that it is currently undertaking an overhaul of its security systems while the site remains down. Note that while Apple acknowledges that a breach occurred, it says that ‘an intruder’ attempted to secure personal information about registered developers from the site. Since some of that information is encrypted, it ‘cannot be accessed’, according to Apple.

However, Apple does not rule out the possibility that some servers storing developer names, mailing addresses or email addresses may have been accessed.

Apple has independently confirmed to us that no servers storing customer info like credit cards or anything related to the App Store purchase process have been breached. The hackers also did not gain access to servers storing app code or app information at all. There was access to servers where encrypted information had been stored, but no evidence that this encrypted information had been accessed.

Here is the full text of the email:

Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.

In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.

The Developer Center website was taken offline on Thursday, and a notice was put in place on Friday that extended maintenance was taking place. In addition to the main developer portal, the portions of the site that allowed developers to discuss issues related to the center were also offline, causing public frustration.

Apple attributes the length of time that the site has been down, and any continuing outages, to the fact that they are completely updating their server configurations and rebuilding all databases to ensure developer information security.

Image Credit: Ed Jones/AFP/Getty Images

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with