Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Developer Site Down as Developers Report Possible Hack [Update: Apple Says No Breach]

I can confirm this is true. The developer account for my company was in fact hacked, which included our banking information (banking info was replaced with a Russian bank). It's a big deal, and definitely not something for people to be joking about. The fact that a company as big as Apple is this vulnerable should worry everyone.
 
  • Like
Reactions: Oblivious.Robot, ILikeAllOS, superblockio and 4 others
scfxmac said:
I can confirm this is true. The developer account for my company was in fact hacked, which included our banking information (banking info was replaced with a Russian bank). It's a big deal, and definitely not something for people to be joking about. The fact that a company as big as Apple is this vulnerable should worry everyone.
Click to expand...

I can confirm that my develop account banking information has not been altered at all, all my information is still correct on itunesconnect.
 
daveak said:
I can confirm that my develop account banking information has not been altered at all, all my information is still correct on itunesconnect.
Click to expand...

You appear to be in the UK. Wonder if this is something exclusive to the US.

It first became apparent when we received an auto-generated email from iTunes connect indicating that our banking information had been "updated".
 
ck2875 said:
If there was a backdoor, my money’s on it being disclosed by that HomePod firmware.
Click to expand...

If you just look a little bit closer you can see it

Patterson%E2%80%93Gimlin_film_frame_352.jpg
 
ddkkpp said:
Look at the whole quote:

Back in 2013, Apple's Developer Center was breached by hackers and was taken offline for several days as Apple worked to fix the breach, rebuild the developer database, and implement better security practices. At that time, Apple said sensitive personal information was encrypted and inaccessible, but some developers' names, mailing addresses, and email addresses may have been leaked.
now read the first 3 words. that'll give you context for the last 3.
Click to expand...
Notice it still says may. As in, never confirmed and no notice was released due to lack of affected parties i.e. didn't happen.
 
Last edited by a moderator:
macTW said:
But it was never confirmed in the previous hack. Within 4 years, wouldn't they have contacted affected parties if it did happen...?
Click to expand...

From an email Apple sent to developers in 2013, which does indeed say there is a possibility names, mailing addresses, and email addresses were accessed:

"Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.

In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon."
 
  • Like
Reactions: jef82, Chazzle, 69Mustang and 1 other person
Bummer.

These state sponsored hacks are wrecking one of the greatest inventions greatest by man.
 
scfxmac said:
You appear to be in the UK. Wonder if this is something exclusive to the US.

It first became apparent when we received an auto-generated email from iTunes connect indicating that our banking information had been "updated".
Click to expand...

That's not a good sign . . .
[doublepost=1504736091][/doublepost]
RF9 said:
if I was the hacker, I wouldn't update the account I hacked with MY address. I can't believe a Russian hacker would even use a Russian address. I'm not saying it's not a hack, I'm just saying that I'm skeptical that it's Russians just because the address is in Russia.
Click to expand...

If developer accounts are linked to in-app purchases, then changing the info to their own bank account (set up solely for this purpose of course) would make sense. I do not know how IAPs work, but if payments automatically go to the banks, then hackers accessing the accounts and changing it to their banking info, as scfxmac said happened to him, there is potential for millions and millions of dollars to be at risk.
 
scfxmac said:
I can confirm this is true. The developer account for my company was in fact hacked, which included our banking information (banking info was replaced with a Russian bank). It's a big deal, and definitely not something for people to be joking about. The fact that a company as big as Apple is this vulnerable should worry everyone.
Click to expand...

How? iTunesConnect has your bank account information, not developer.apple.com
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back