Teenager hacked into Apple’s servers, stole 90GB of sensitive data

Teenager hacked into Apple’s servers, stole 90GB of sensitive data

Apple postpones iOS 14 feature that lets users control who can track them

Around 90GB of data was taken from Apple’s servers by a teenaged hacker from Melbourne, Australia who repeatedly hacked into Apple’s mainframe for over a year but the smartphone giant is reassuring customers that no personal data was compromised by the breach.

The hack took place last year when the 16-year-old, who recently pleaded guilty before The Children’s Court, used a software to gain access to Apple’s mainframe repeatedly and was able to get his hands on “authorised keys” that granted log-in access to user accounts.

Teenager used specialised software to access servers

The teenager ultimately managed to steal 90GB of data from Apple’s internal systems before Apple got wind of the hack and blocked his access. The hacker was caught after authorities carried out a raid on his home and found, among other things, a software that enabled the hacking and two Apple laptops which were used to access Apple’s servers.

“Two Apple laptops were seized and the serial numbers matched the serial numbers of the devices which accessed the internal system. A mobile phone and hard drive were also seized and the IP address … matched the intrusions into the organisation. The purpose was to connect remotely to the company’s internal systems,” the Crown Prosecutor told the Court.

According to Apple, the hacker’s access to internal servers was shut down as soon as it was discovered and that no personal information was compromised as a result.

“Our teams discovered the unauthorised access, contained it, and reported the incident to law enforcement. We regard the data security of our users as one of our greatest responsibilities and want to assure our customers that at no point during this incident was their personal data compromised,” it said.

Apple’s servers are as vulnerable as others

Even though many traditional Apple device users consider iOS to be more secure than rival operating systems, it is also true that there is no such thing that can be called as ‘perfect’ and Apple’s server infrastructure and operating system are as vulnerable to external access as others unless vulnerabilities are discovered and addressed in a timely manner.

Last year, Apple announced that its WebKit browser engine for iOS and Safari contained as many as 23 security flaws which rendered it vulnerable to remote code execution. The company introduced a new software patch to prevent hackers from spoofing address bars to get users to click on malicious links.

Apple also fixed other security issues such as the disclosure of user information through a maliciously crafted XML document, arbitrary code execution using a maliciously crafted archive, unexpected termination of the Messages app by a remote attacker, notifications appearing on the lock screen even when disabled, and exfiltration of data cross-origin by malicious websites.


Apple removes apps which could spy on unencrypted traffic

Apple launches £150,000 invite-only bug bounty programme

Apple cleans up App Store after malware infects over 300 apps

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]