Anonymous hacker group publishes 27 usernames from Apple survey site

“The Internet vigilante hacker group Anonymous claimed to have broken into an Apple Inc. server and published a small number of usernames and passwords for one of the U.S. technology company’s websites,” Reuters reports.

“Anonymous said on Sunday via its account on microblogging site Twitter that Apple could be a target for hackers and released the data as part of its Anti Security, or ‘AntiSec,’ campaign,” Reuters reports. “‘Not being so serious, but well … Apple could be target, too. But don’t worry, we are busy elsewhere,’ Anonymous said on its Twitter feed, where it shared a link to the data posted on text-sharing website Pastebin.”

Reuters reports, “Anonymous said the data included 27 usernames and passwords for the www.abs.apple.com website. The website, used by Apple for online surveys, on Monday displayed an error message that said the server was temporarily offline.”

26 Comments

      1. iTunes Music/App/Book stores are run on WebObjects, which does not fall into PHP+SQL exploits (“SQL injection”).

        So, until now, there was no case of WebObjects system being hacked/cracked.

    1. Come on…! 27? They probably tried common user names randomly with obvious passwords, and by chance got 27 that worked (due to users picking easy to guess passwords).

      Gee, that SOME fancy hack… 😉

  1. Looks like apple is open to the same problems as windows, no matter how you want to disagree. There have been a lot of “patches” lately for leopard and snow leopard.

      1. wouldn’t matter. it’s exploits in the web page they exploited.
        doesn’t mean it’s apple’s hardware or server OS that was exploited.

        Look at mac defender. it targeted the USER as the weak link to infect OSX with malware, not the OS itself.

        And this could be the hole that one of these hacker groups warned Apple about last April.

  2. I did go to pastebin and look. Two observations:
    1) user ids and passwords are not associated; that is Anonymous didn’t say which id & pwd go together, if any. But with such a small number it’s not hard to figure out.
    2) the passwords were good ones – no 123456789; no abcdefg; no samuel&jones; and no “password”.
    The site had holes clearly. But password practices appear to meet high standards.

  3. The passwords are still encrypted, so it’s not much of an issue. Nothing like when Sony let loose of a bunch of plain text passwords and credit card numbers.

  4. The Apple App Store (Mac) was offline for quite a while yesterday on an otherwise perfectly functioning cable Internet connection. Was Apple just doing housekeeping or was someone up to something?
    The truth is anyone’s web site can be hacked if you don’t mind leaving a trail for law enforcement to come get you and you have the requisite knowledge and equipment. Apple’s servers run on a variety of OSes the last time I checked- many running Solaris.
    These people are not helping anyone by doing this. This kind of prank just results in more restrictions/expense on everyone else.

  5. Bet the 27 accounts were Windows users. They problably hacked the 27 users Windows PC using malware and stole their iTurnes account. Publish what they have to clain they hacked apple’s servers.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.