• Home
  • Apple
  • News
  • Apple Reveals Security Breach on Online Developer Portal – No User Information Released

Apple Reveals Security Breach on Online Developer Portal – No User Information Released

Apple Reveals Security Breach on Online Developer Portal – No User Information Released

Apple on Sunday acknowledged that its developer portal was hacked, leading to the days long outage of the portal. The company apologized and says it expects to have the portal back up and running soon.

apple_developer_hacked_notice

Apple email to developers, via Macworld:

Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.

In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.

The developer portal is where developers submit apps for inclusion in Apple’s iOS and Mac App Stores. It also hosts Apple’s developer forums, API documentation, betas of Apple’s mobile and computer operating systems and more.

Apple had remained mostly silent about the downtime until Sunday’s email. Many developers had taken to the net to vent their frustration with the outage, growing increasingly uncomfortable with the continued outage.

Apple has confirmed to Macworld that while the website was breached, the attack was not associated with any customer information, saying all customer information is encrypted. The attacker also did not gain access to app code, or the servers where that code is stored. The company has not commented on whether legal authorities were involved in the investigation of the hack.