Apple admits its developer site was hacked, says some data may have been stolen

apple developer siteWhen Apple’s developer site went down on Thursday, the company put up a short notice saying that maintenance work was taking place. However, after 24 hours, the site was still offline, leading some to believe that it was more than just a bit of routine tinkering taking place. And they were right.

Three days after the site went down, and with developers becoming increasingly concerned about the reasons for the outage, Apple sent out an email explaining that, in fact, the site had suffered a security breach.

The message (below) – also posted on the Member Center webpage where developers usually log in – said “an intruder” had entered the site last week in an attempt to steal personal data from registered developers. While Apple was certain in the belief that sensitive personal information of registered developers had not been accessed, it said it could not “rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed.”

The tech giant said that to prevent a similar breach happening again, it was working to overhaul its developer systems, update its server software, and rebuild its database.

The site, which provides third-party software developers with app-related resources, information and downloads, was still down late Sunday evening, with no indication given as to when it might be back online.

Speaking to AllThingsD about the incident, Apple spokesman Tom Neumayr said that while he wasn’t prepared to go into detail about the flaws in the old system or the work being done to correct the issue, he wanted to make clear that no information belonging to customers was stolen.

Meanwhile, in another development Sunday evening, security researcher Ibrahim Balic claimed on TechCrunch that on Thursday he reported to Apple a number of security weaknesses he’d found on the developer site, adding that he had been able to access personal details of a number of users. Hours later the Cupertino company took it offline.

Balic, who insists his work had no malicious intent, believes his findings may be the reason the site was taken down, although Apple is yet to contact him about his bug reports.

Below is Apple’s full message to developers:

Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.

In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.

If your program membership was set to expire during this period, it has been extended and your app will remain on the App Store. If you have any other concerns about your account, please contact us.

Thank you for your patience.

Mobile

The LG V40 ThinQ has five cameras and is now available on Verizon

LG has finally taken the wraps off the new LG V40 ThinQ, the company's latest and greatest flagship phone that packs a whopping five cameras. Here's how to buy the new LG V40 ThinQ.
Social Media

Tumblr promises it fixed a bug that left user data exposed

A bug on blogging site Tumblr left user data exposed. The company says that once it learned of the flaw, it acted quickly to fix it, adding that it's confident no data linked to its users' accounts was stolen.
Computing

Is the Pixelbook 2 still happening? Here's everything we know so far

What will the Pixelbook 2 be like? Has the Pixel Slate taken its place? Google hasn't announced it, but thanks to rumors and leaks, we think we have a pretty good idea of what the potential new flagship Chromebook will be like.
Mobile

Montblanc’s $995 Summit 2 watch stays on your wrist for longer between charges

Montblanc has taken the wraps off of the new Montblanc Summit 2 -- the first watch to feature the new Qualcomm Snapdragon Wear 3100 processor. The watch features a premium design and Google's Wear OS.
Mobile

Got gadgets galore? Keep them charged up with the 10 best USB-C cables

If you weren't already aware, USB-C is quickly becoming mainstream. That's why we've rounded up some of the better USB-C cables on the market, whether you're looking to charge or sync your smartphone.
Computing

How to protect your iCloud account

From Chinese hacking to identity theft, it's not surprising if you're a little worried about your iCloud data. Here's how to protect your iCloud account with a few simple security steps. It will only take a few minutes, and we'll walk you…
Mobile

Preapproval for iPhone Upgrade Program now available for iPhone XR

Apple took the wraps off of its new set of iPhones, including the iPhone XS, iPhone XS Max, and the new iPhone XR. The iPhone XR is being offered as the "affordable" iPhone, and it's a little different than the more expensive models.
Mobile

Upcoming iPad may lose a few millimeters, along with its headphone jack

The new iPhone XS, iPhone XR, and Apple Watch aren't the last devices we'll see from Apple in 2018. There are plenty of rumors about a new iPad coming this year too, and it may share some design similarities with the new phones.
Computing

Which is best: The Lenovo ThinkPad X1 Extreme or the 15-inch MacBook Pro?

To try and help nail down the best 15-inch laptops in the world, we compared the Lenovo ThinkPad X1 Extreme vs. MacBook Pro 15 in a head to head that looked at their power, design, and portability.
Mobile

Google Pixel 3 vs. Apple iPhone XS: Does Google’s A.I. take down Apple?

The Google Pixel 3 is here, boasting top-tier specs like a Qualcomm Snapdragon 845 and 4GB of RAM, and some of the world's best artificial intelligence features on a phone. But can it take out the Apple iPhone XS?
Mobile

Hinge's new feature wants to know who you've gone out on dates with

With its new "We Met" feature, Hinge wants to learn how your dates are going with matches in its app. That way, it can inject the information into its algorithm to provide future recommendations that better suit its users' preferences.
Mobile

Which Verizon plan is best for you? We check out family, individual, and prepaid

Verizon offers lots of plans for individuals, your family, and folks who want prepaid service. Here is everything you need to know about Verizon's plans, from data packages and smartphones to Big Red's prepaid plans.
Mobile

Safeguard your new Apple smartphone with one of our favorite iPhone XS cases

If the iPhone XS is your next phone, then you’ll want to shop for some proper protection now. That glass sandwich design is all too easy to scratch or crack, so make sure you snag one of the best iPhone XS cases to keep it looking good.
Mobile

Here are our favorite wireless phone chargers for Android devices and iPhones

We checked out the best wireless phone chargers to make tangles and uncooperative ports a thing of the past. Whether you have an iPhone or Android, find out which wireless charging pads are worth buying, and how their features compare.