* Company updating site's technology to prevent more attacks
* Unclear what data, if any, has been compromised
* Experts don't know how the attack happened
By Jim Finkle
BOSTON, July 21 A website that Apple Inc
uses to communicate with its community of some 6
million software developers remained shuttered on Monday, four
days after a cyber attack that prompted a harried upgrade to
prevent future breaches.
It was not immediately clear what data, if any, was been
compromised by the attack.
Apple said in a notice released late on Sunday that names,
mailing addresses and emails may have been accessed by unknown
attackers. It added that "sensitive personal information" was
encrypted and could not be accessed.
Security experts said Apple's brief statement made it
difficult to assess the severity of the breach.
"I am not exactly sure what happened. I do not know what to
make of this," said Charlie Miller, author of the iOS Hacker's
Miller said he received an email from Apple on Monday
warning him about the breach, adding that he hoped none of his
personal information had been compromised in an attack.
Still, he said he had not seen any indications that suggest
other attacks on Apple could soon follow.
"I don't think this indicates any system problems in their
security," he said.
Data breaches are relatively common because hackers are
constantly identifying new ways to attack by exploiting
software bugs and leveraging mistakes in the way companies
configure websites and computer systems. Hackers are also
relentless in sending emails with malicious links and
attachments to targeted companies.
Security experts speculated that the site may have been
attacked using one of several widely known security bugs in web
technology, but there seemed to be no consensus.
A man claiming to be a Turkish security researcher posted a
video on YouTube and sent out comments on Twitter saying that he
was responsible for the attack on Apple's developer site and had
done so in a bid to publicize a security bug.
Apple declined comment on his claim, which could not be
independently verified. The man could not be reached for
Other corporate victims of recent security breaches include:
Evernote, LinkedIn Corp, LivingSocial and Sony
Apple said in its statement to developers that it was
completely overhauling the technology on the shutdown site,
which it hoped would soon be back online. ()
It may be in hot demand as developers are writing and
testing apps to run on iOS 7, the next-generation operating
system for iPhones and iPads that Apple is planning to release
in the fall.
It was the second security breach that the company has
disclosed in five months. In February, the maker of Macs and
iPhones said that some Mac computers had been infected by
hackers who had also attacked Facebook Inc and other
technology companies. ()