On Sunday night, Apple took down its Developer Center to patch a security hole that allowed anyone to access personal contact information for any registered developer, any Apple Retail or corporate employee, and even some key partners.
According to 9to5Mac, a Macintosh-focused news venue, a tipster sent an email into its tips box “that contained the personal contact information – including cell phone numbers – of several of the publication’s staffers, as well as a few high-ranking Apple executives.” You can read the full article at the link above.
In a stellar example of responsible disclosure, 9to5Mac withheld any information until after Apple fixed the issue:
Due to the critical nature of the problem, we would never reveal this type of flaw to the public until it had been dealt with and we had contacted Apple . As of last night, the hole has been patched. Keep reading for the full details of how the breach was executed and exactly what information was at risk.
Good for them!