Ibrahim Balic has admitted to taking down Apple's developer portal -- but wants to make the difference between a hacker and security researcher crystal clear.
Earlier this month, Apple's members-only development center, the Dev Center, experience a service outage. The site declared that the portal was "undergoing maintenance for an extended period," and the downtime spurred on a wave of grumbling across social media as developers were left in limbo.
The home page is now accessible, but the members-only area remains closed.
Downloads, guides, support, forums and developer tools all remain inaccessible. As beta testing for the latest Apple operating system is taking place for app developers, it seemed unlikely that maintenance was the true reason -- and once reports appeared that some users were receiving password reset emails, worries of a security breach began to surface.
Over the weekend, Apple revealed that "an intruder attempted to secure personal information of our registered developers from [the] developer website" in an email sent to developers. As a result, the Cupertino-based firm said it was working to prevent such a breach taking place again.
Taking to Twitter, London-based researcher Ibrahim Balic then claimed responsibility for the service outage.
Rather than being conducted with malicious intent, the researcher says that flaws were exposed in the name of research. After reports suggested that the security breach was potentially caused by cybercriminals seeking confidential developer information, Balic tweeted:
"This is definitely not a hack attack, I have reported all the bugs. I am not a hacker, I do security research."
Following the disclosure, Balic came under Apple's scrutiny, which has now contacted him via email to discuss the security vulnerabilities in the portal.
According to The Next Web, Balic's research discovered a total of 13 flaws, which were reported to the iPad and iPhone maker, and were also revealed in an uploaded video before being pulled. The researcher claims he was able to access the data of over 100,000 users.
Apple's Dev Center homepage now reads.
"In order to prevent a security threat like this from happening again, we're completely overhauling our developer systems, updating our server software, and rebuilding our entire database."