Apple Developer site goes down and some users are fearing a hack

Some developers say accounts changed to point to Russian address.

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Apple Developer site goes down and some users are fearing a hack

As Mac Rumours reports, Apple’s Developer Center (developer.apple.com) went unexpectedly offline for a few hours earlier tonight.

That’s obviously a nuisance for any coder, but what really put the cat amongst the pigeons were tweets by some developers that prior to the downtime, their developer account profiles had been updated without their permission, pointing to an address in Russia.

Is this a malicious hack or some more down-to-earth internal goof that has caused some Apple developers to see the wrong contact information on their profile?

Probably only Apple can answer that question with certainty, but it’s important to note that even if some accounts were compromised to have a postal address of “Saint Petesburg” (sic), that’s a different scale of threat from there being an inherent vulnerability in the Apple Developer portal that could be exploited on a grand scale.

I think everyone should be careful about leaping to the conclusion that a site has been hacked, because – without the right evidence – it can lead to panic and poor decisions being made. It’s all too easy with social media to throw a snowball and for it to grow into an avalanche.

AppleHopefully Apple will be able to shed more light on what happened (and what didn’t happen) in the coming hours.

What they won’t want is the kind of kerfuffle we saw four years ago when a Turkish security researcher claimed to have found a flaw in the Apple Developer Centre site that allowed him to retrieve information on more than 100,000 users.

At least this latest problem has come to light now, rather than next week when Apple will take to the stage in California to announce an array of new products, including the iPhone 8. Imagine how much more of a nuisance that would have been.

Update: Apple has blamed the incident on a software bug.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.