Apple’s Developer portal was hacked last Thursday, causing the company to shut down the system, according to a statement released by Apple on Sunday. The company took down the compromised site on Thursday fueling speculation among its users, but Apple did not make any public comments until Sunday.
What might have been the usual case of an undisclosed security breach took on an unexpected twist when a Turkish security researcher, Ibrahim Balic, came forward, saying that he hacked into Apple’s system without any malicious intent.
In a YouTube video, Mr. Balic again admits his role in the hacking. The Turkish researcher has published a series of screenshots showing code supposedly taken from inside the Developer system – followed by a statement declaring that he had no nefarious intentions. The video, which has a soft-rock musical underlay, was posted on Sunday, after Apple acknowledged that Developer’s security had been breached.
Balic came forward because he was frustrated by rumors the hacker was trying to exploit the system’s weakness, according to a comment attributed to Balic that ran alongside a TechCrunch article on Sunday.
The researcher says that he has found a total of 13 bugs in the Developer system, one of which has provided him access to users details. Balic reported details of the bugs to Apple on Thursday via their bug report system, and four hours later, the Developer portal closed, according to Balic.
The portal break-in created concern about what type of information Balic, or other hackers, could have accessed about the app developers.
“Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed,” Apple’s Sunday statement reads.
“I will be deleting all of the datas [sic] I have,” writes Balic on his YouTube video.
Apple is “completely overhauling” the Developer portal to prevent future attacks, writes the company.
The breach is the first known hack against any of Apple’s Web services, according to the Guardian. The security compromise has not affected Apple services such as iTunes or the App Store, though on Sunday, the App Store was briefly unavailable.
Apple has not said when the Developer store will return, but, the company says it will extend users’ membership to the Developer program for those whose service was set to expire during this period.