Get the lowest prices anywhere on Macs & iPads: Apple Price Guides updated Dec 28th (exclusive coupons)

Hacker group alleges breach of Apple database, posts 'user data' to Web [u]

Hacker group The 1775 Sec, which claimed responsibility for a recent Dropbox outage, took to Twitter on Tuesday announcing a purportedly successful breach of Apple's database.

Hack



According to The 1775 Sec's Twitter page, the hacker group conducted the operation in cahoots with the "European Cyber Army" and published the results to website Pastebin.com. The document is highly suspect, however, as are the hacker group's claims.

AppleInsider has verified that some user information is legitimate, but the veracity of other data, such as passwords, email addresses and user names, is questionable. For example, many phone numbers are no longer in service, suggesting the data is old. Another scenario is that the information is not, in fact, from Apple's database and the posts are simply a hoax to garner media attention.

The group first tweeted about the leak a few days ago:
We repeatedly warned you Apple Inc... You thought because we faked some Drop Box leaks, that we actually didn't hack you? You made a foolish move Apple! We are the 1775Sec and the European Cyber Army!

In subsequent tweets, 1775 Sec alluded to its involvement in the recent Dropbox outage that put many users out of touch with the service for over one day. This in itself is somewhat suspicious, as the group initially claimed to have successfully hacked Dropbox's database, then changed its story to claim responsibility for a DDoS attack supposedly launched in commemoration of Aaron Swartz's death.

Dropbox maintains the downtime was caused by an internal error during scheduled maintenance and refutes any claims of a security breach.

Apple was most recently the target of an attack in July of 2013 when its developer portal was compromised by "an intruder." In response, Apple took down the website to avoid future attacks and conduct an overhaul of system security. The portal was down for a total of eight days and no sensitive information was leaked.

We have reached out to Apple for comment and will update this story upon receiving a response.

Update: Reader Janne has confirmed that the supposedly "leaked" data is not from Apple's servers, but to an app-related website. The site has been informed of the breach and is making modifications to its security system.

AppleInsider's Victor Lester Marks contributed to this report.