Apple revealed late yesterday that its Developer Center had been forced out of action by “an intruder”. But a researcher has provided evidence to confirm that the downtime was a result of his identification of a security vulnerability.
Apple claimed in a statement that an intruder had attempted to steal personal information about registered developers from the site. But Ibrahim Balic, a security researcher from the UK, claims that he recently found 13 bugs within the website’s system which allowed him to secure data from more than 100,000 users.
He claims to have approached Apple with details from 73 user accounts — all Apple employees — to illustrate the flaw, offering to help them fix things. Balic claims Apple’s response was to shut down the Developer centre. That happened on Tuesday; Apple only issued a statement on Sunday.
It certainly seems that Balic’s claims match up with events in terms of timing and data collection. Balic himself claims to be “a bit irritated” that Apple has publicly announced the situation as a security breach rather than a constructive piece of research — and it remains to be seen what Apple will do about his involvement. It is, at least, comforting to know that the data isn’t being used maliciously. [The Next Web]