搞机播报:微信公众号代运营&代排版 // 搞机爱好者交流群开通啦(368706474)~搞机爱好者交流群

苹果承认开发者中心宕机源自黑客攻击

iOS YounG煬 45553浏览

apple-developer

 

苹果开发者网站宕机事件已持续了数天时间,Twitter 上有不少用户抱怨,并称收到了可能是来自黑客、要求用户“重置密码”的攻击邮件。苹果今天向开发者发出邮件确认称,开发者网站遭到了入侵,该入侵者试图获取注册开发者的个人信息,但苹果表示“敏感的个人信息都已加密,无法被访问”。尽管如此,苹果还是警告称,有一些开发者的名字、电子邮件地址、邮递地址已被访问。

为了应对入侵事件,苹果称公司正对网站进行“全面检修(completely overhauling)”,包括开发者系统、服务器软件和数据库。苹果的邮件里写道:“对网站宕机给您带来的诸多不便,我们深表歉意。开发者网站预计很快就会重新上线。”

以下为苹果的邮件全文:

Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.
In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.

邮件译文:

“上周四,一名入侵者试图从我们的开发者网站窃取注册开发者的个人信息。虽然敏感个人信息已经加密,无法访问,但我们并未排除部分开发者的姓名、邮寄地址和/或电子邮件地址被窃取的可能。秉着透明的精神,我们希望将此问题通知各位。我们周四立刻关闭了网站,之后一直在夜以继日的工作。

为了防止类似的安全事件再次发生,我们正在彻底改版开发者系统、升级服务器软件、重建整个数据库。我们就宕机给各位带来的巨大不便致歉,预计开发者网站会尽快恢复。”

apple-developer-email

 

另外今天,又传出中国区大量用户的apple账户被盗用于刷榜,不过这次盗号事件也有可能是因为使用第三方工具造成的(如:itools,PP助手等),目前苹果还未对盗号事件做出回应。

关注搞机爱好者微信公众号

搞机爱好者微信公众号

转载请注明:搞机爱好者 » 苹果承认开发者中心宕机源自黑客攻击