Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Developer Site Down as Developers Report Possible Hack [Update: Apple Says No Breach]

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
67,963
38,676



Apple's Developer site has been down for a couple of hours now, and while it originally seemed like the outage was related to maintenance, a few reports trickling in from developers suggests there could potentially be another cause.

Several developers are reporting that all of their developer account addresses have been updated with an address in Russia, perhaps indicating some kind of breach or serious internal error. According to multiple developer reports, their accounts list a Russian address instead of their correct address.

russiaaddressdevelopercenter-800x161.jpg

All my teams on Developer Member Center at @apple are registered in Russia. Nice. pic.twitter.com/kyYyRyLTR7 - Dal Rupnik (@TheLegoless) September 6, 2017
Click to expand...

It's not clear what's going on with the developer site at this time. We have reached out to Apple for more information and will update this post should any new information become available.

@apple developer account addresses are all showing an address in Russia... - David Negron (@dave_negron) September 6, 2017
Click to expand...
Back in 2013, Apple's Developer Center was breached by hackers and was taken offline for several days as Apple worked to fix the breach, rebuild the developer database, and implement better security practices. At that time, Apple said sensitive personal information was encrypted and inaccessible, but some developers' names, mailing addresses, and email addresses may have been leaked.

Update: The Apple Developer site is now back up. No reason has been provided for the outage or the appearance of Russian addresses on some accounts.

Update 2: In a statement provided to MacRumors and sent out to affected developers, Apple's Developer Program support staff says there was no security breach. Instead, there was a bug in the account management application that caused address information to be temporarily displayed incorrectly.
"Due to a bug in our account management application, your address information was temporarily displayed incorrectly in your account details on the Apple Developer website. The same incorrect address was displayed to all affected developers. The underlying code-level bug was quickly resolved and your address information now shows correctly. There was no security breach and at no time were the Apple Developer website, applications, or services compromised; nor were any of your Apple Developer membership details accessed by, shared with, or displayed to anyone."
Click to expand...

Article Link: Apple Developer Site Down as Developers Report Possible Hack [Update: Apple Says No Breach]
 
Article Link
https://www.macrumors.com/2017/09/06/apple-developer-site-down-possible-hack/
I use two-factor authentication to access my developer account. I didn't know it was optional. If this story pans out as reported, I'd be curious to know if the hackers were able to circumvent it.
 
I hope my account details are still safe.

Edited to add: I can't remember if I had two-factor turned on for the Developer account, albeit it is turned on for the Applied site and the rest of my Apple account.
 
HiVolt said:
Speaking of that, I noticed earlier in the day I had like 10 app updates... i updated them, thinking nothing of it...

Now I'm wondering... These werent just smallfry apps, but big name apps too.
Click to expand...

Yeah I currently have 22 which are automatically updating right now, this is probably due to the fact iOS 11 is out in 6 days.
 
HiVolt said:
Speaking of that, I noticed earlier in the day I had like 10 app updates... i updated them, thinking nothing of it...

Now I'm wondering... These werent just smallfry apps, but big name apps too.
Click to expand...

There would be more than the developer site down if this were an issue. Apple would be completely screwed if someone managed to get access to the private signing keys for apps and todays beta updates. Given nothing else is down, wouldn't worry.
 
macTW said:
Irresponsible macrumors for making up a possible outcome that there is no evidence of having happened.
Click to expand...

Look at the whole quote:

Back in 2013, Apple's Developer Center was breached by hackers and was taken offline for several days as Apple worked to fix the breach, rebuild the developer database, and implement better security practices. At that time, Apple said sensitive personal information was encrypted and inaccessible, but some developers' names, mailing addresses, and email addresses may have been leaked.
now read the first 3 words. that'll give you context for the last 3.
 
Last edited by a moderator:
  • Like
Reactions: Rob_2811, Moonlight, Jakewilk and 1 other person
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back