
SANS ISC: Apple Developer Site Breach - SANS Internet Storm Center SANS ISC InfoSec Forums

Apple Developer Site Breach

Apple closed access to its developer site after learning that it had been compromised and developers' personal information had been breached [1].

In the notice posted to the site, Apple explained that some developers' personal information, such as names, e-mail addresses and mailing addresses, may have been accessed. The notice does not mention passwords, or whether password hashes were accessed.

One threat often forgotten in these breaches is phishing. If an attacker has access to some personal information associated with a site, it is fairly easy to craft a reasonably convincing phishing e-mail that uses the fact that the site was breached to trick users into resetting their password. These e-mails may be more convincing if they include the user's user name, real name or mailing address as stored with the site.

A video on YouTube claims to show records obtained in the compromise [2]. The video states that 100,000 accounts were accessed to make Apple aware of the vulnerability in its site and that the data will be deleted.


Johannes B. Ullrich, Ph.D.
SANS Technology Institute



ISC Handler
Jul 22nd 2013
