A Turkish developer in London claims he was the person who hacked the Apple developer site, and says he has the details of over 100,000 registered users in his possession.
The video is still on YouTube, but Balic has made it private, saying it contained sensitive data.
Balic calls himself a security researcher and said he had found thirteen bugs that had been reported to Apple. He had not heard back from Apple over the reports and the silence appears to be the reason Balic penetrated the developer site, which was shut down last Thursday and only reopened yesterday.
"One of those bugs have provided me access to users details etc. I immediately reported this to Apple. I have taken 73 users details (all apple inc workers only) and prove them as an example," Balic wrote in his TechCrunch comment.
"My aim was to report bugs and collect the datas for the porpoise [sic] of seeing how deep I can go within this scope. I have over 100.000+ users details and Apple is informed about this. I didn't attempt to get the datas first and report then, instead I have reported first.
I do not want my name to be in blacklist, please search on this situation. I'm keeping all the evidences, emails and images also I have the records of bugs that I made through Apple bug-report."
There has been no official comment from Apple over Balic's claims, but on Twitter, Tumblr co-founder and Instapaper creator Marco Arment said the timing of the claims matched up.
Ibrahim Balic’s timing and data collected line up very well with Apple’s story so far.— Marco Arment (@marcoarment) July 22, 2013
Apple has confirmed the site was attacked and that a database was accessed, but said the sensitive information stored in it was encrypted. Some data may have been leaked, nevertheless.
"We have not been able to rule out the possibility that some developers' names, mailing addresses, and/or email addresses may have been accessed," Apple said in its statement.