Apple Developer Site Breach
Last Updated: 2013-07-22 10:24:34 UTC
by Johannes Ullrich (Version: 1)
Apple closed access to it's developer site after learning that it had been compromissed and developers personal information had been breached .
In the notice posted to the site, Apple explained that some developers personal information like name, e-mail address and mailing address may have been accessed. The note does not mention passwords, or if password hashes were accessed.
One threat often forgotten in these breaches is phishing. If an attacker has access to some personal information associated with a site, it is fairly easy to craft a reasonably convincing phishing e-mail using the fact that the site was breached to trick users to reset their password. These e-mail may be more convincing if they include the user's user name, real name or mailing address as stored with the site.
A video on YouTube claims to show records obtained in the compromisse  . The video states that 100,000 accounts were access to make Apple aware of the vulnerability in its site and that the data will be deleted.
Johannes B. Ullrich, Ph.D.
SANS Technology Institute