Tuesday, 5 July 2011

Anonymous hackers compromise Apple Business Intelligence database

Anonymous hackers compromise Apple Business Intelligence database

Data quietly posted under the title "Not Yet Serious" on Pastebin, a text-only file-sharing site, got a lot of attention after Anonymous, the hacking group, linked to it on Twitter. The data contained a list of 27 user names with their encrypted passwords, allegedly pilfered from the Apple Business Intelligence website. While admitting to hacking into an Apple (NASDAQ: AAPL) server used for technical online surveys (since taken offline), the tweet inspired further trepidation when it read: "Apple could be target, too. But don't worry, we are busy elsewhere."

The data was believed to have been obtained by means of an SQL injection attack, which usually entails slipping arbitrary SQL commands through improperly protected forms on a web server. Commands can be crafted to expose data stored on these systems, override existing system passwords or potentially create unauthorized system accounts. While the damage appears limited to a non-mainstream server, the alleged hack is generating extra concern due to the imminent arrival of iCloud, Apple's cloud storage facility. Some reports also questioned if the highly-prized iTunes database could remain invulnerable from hackers. Others criticized the alarmist reports. As is typical, Apple has not said anything about the incident.

No comments:

Post a Comment