The mystery of the security researcher and the Apple Development Centre

On Thursday 18^th July, the Apple Developer portal appeared to be offline, with users presented with an apologetic message explaining that, 'maintenance is taking longer than expected.' However, over the next few days a peculiar story emerged about the real reasons behind Apple's downtime. As the portal, which holds information for over 275,000 third-party developers, remained unaccessible, rumours began to spread suggesting that this was far from a routine maintenance check. The evidence pointed to either a database crash, or a serious security breach. 

 

As The Hacker News reports, Apple released a statement on Monday seeming to acknowledge the real reasons for the outage. The maintenance sign was replaced with the explanation that 'an intruder attempted to secure personal information of our registered developers from our developer website.' While Apple assured customers that their encrypted data couldn't be accessed, they were unable to guarantee that names, addresses and emails had not been stolen. Many users also received suspect password reset request emails, suggesting that the hackers were still after information. 

 

The Guardian, however, presented a slightly different version of events after interviewing Ibrahim Balic, a Turkish security researcher who claimed responsibility for the hacking. While admitting to the act itself, Balic claims his intentions were not criminal but honourable, seeking to point out flaws in Apple’s system and push himself as a researcher. While sceptics may suggest he is changing his tune after being caught, Balic outed himself not only to the public, but also to Apple, via a YouTube video complete with screenshots. The security expert found 13 separate areas of alarm, and filed a report with Apple, the same day the company closed the developer portal. 

 

So, was this a well-intentioned research mission, or a serious criminal intrusion? Apple has declined to comment on Balic's announcement, but one distinct possibility remains: he wasn't the only person delving into the company's security systems that day.

 

While Apple continues to review its systems, you can help secure your personal computer by using a VPN service. The VPN works as an additional layer of protection that stands between the data stored on your devices and anyone else attempting to access it.