Apple’s Developer site is often found to have left security holes within its infrastructure, and the security breach of last year is a testament to that, and while the Cupertino outfit tries its utmost to ensure these flaws are few and far between, it’s the nature of the beast that every now and again, problems must be dealt with. Over the weekend, the Dev Center went offline for maintenance works, but while this is a frequent occurrence – particularly given that new iOS releases are almost always dished out on a Monday – the purpose this time around was to fix an issue that leaked private info of accounts all the way up to CEO Tim Cook.
As per a report by the folks of 9to5Mac, contact details stored within Developer Center server were compromised, although luckily, the developer who found his way in sought to help plug the bug rather than exploit.
Jesse Järvi, who also demonstrated the issue by means of a YouTube clip, discovered what must go down as one of the more serious security breaches we’ve seen in recent times. Email addresses and cellphone numbers for developers ranging from your everyday iOS, OS X and Safari dev to some executives further up in the higher chambers of the company were there to be snapped up by a potential hacker, and it’s no wonder the impromptu course of action was taken to ensure it was quickly remedied.
The issue was discovered on Saturday, but naturally, 9to5Mac, whom Järvi went to with his information, couldn’t report on it until it had been fixed. The hole has now, from what has been gathered, been completely patched, which is just as well given the severity and what might have happened if said information should have gotten into the wrong hands.
For those interested, a video of the exploit is embedded below. As aforementioned, the issue is no more, and thus, developers should rest assured that their contact details such as cellphone number, email, or any other private date, is safely locked away once again.
Apple hasn’t yet passed comment on the matter, but with executive data at risk along with that of the dev community, it’s more than likely that a few words will be passed in an official statement in the very near future.
You may also like to check out: