Apple Developer Center Hacked? Maintenance Stokes Security Fears

Apple removed a number of its online developer tools Wednesday, reporting to users that the products were being taken down for maintenance—though some users believe changes to account details may suggest a security breach occurred.

The main landing page for Apple’s developer portal is still accessible, though a number of services available to developers remain down. The tools have been offline since 11:30 a.m. Pacific Standard Time Wednesday.

The affected services include Account, Bug Reporter, Certificates, Identifiers & Profiles, Code-level Support, Program Enrollment and Renewals, Software Downloads and Xcode Automatic Configuration.

Thus far, Apple has only offered a generic statement about the outage. “Due to maintenance, some services are unavailable," the company said in a bulletin announcing what it calls “ongoing” maintenance.

The lack of information from Apple, along with apparently suspicious account modifications noticed by a number of developers has the development community concerned about the possibility of an undisclosed data breach.

Of particular concern is the apparent change of physical addresses listed on individual accounts. Mobile software engineer and iOS Newsletter curator Kais K. said on Twitter that a number of accounts he looked at suddenly had a new address that places the developers in Russia.

The specific address lists the affected developers at bul. Novatorov, Saint Petersburg, Leningrad 198216 in the Russian Federation. The specific address appears to point to a business complex located near a driver’s license office within the Russian city.

Adding to the suspicion is the fact the maintenance was unannounced prior to its occurrence. The timing of the maintenance also may be an indication of odd behavior, as Apple is preparing for the launch of iOS 11 ahead of its upcoming event later this month. Some have suggested it is unlikely Apple would willingly take down developer services so close to a major announcement.

If Apple did suffer an attack, it would not be the first time. In 2013, the massive tech company’s developer portal was also targeted in a hacking effort.

Much like Wednesday’s occurrence, Apple opted to pull developer resources without explanation at the time, attributing the decision to maintenance. Developers were left without explanation for two days before Apple announced the breach.

That incident was carried out by a security researcher, who admitted to making use of one of 13 undiscovered bugs on the developer website to access user details. Those flaws were reported and patched by Apple.

As of 3:30pm PST, the tools in the Apple Developer Center were back online and accessible again. Apple provided no additional details regarding the outage, stating only “Due to maintenance, some services were unavailable.”

Dane Theisen, an iOS app developer who created the app R We Still On Time?, contacted International Business Times to report he was affected by the apparent hack. Theisen claimed his app developer account was compromised and had its address changed to the Russian address that was listed for other accounts.

Theisen said the hackers attempted to steal his Apple account to "take my profits that I made from selling my app." He also said he alerted Apple of the change and did not receive any acknowledgement from the company, but noticed his account was changed back to its original settings. Apple also enabled two-factor authentication on Theisen's account.

Apple did not respond to request for comment at the time of publication.