A notorious hacker group/threat actor collective identified as “IntelBroker,” who previously claimed responsibility for other high-profile data breaches, including those of U.S. government systems in April, allegedly leaked the source code of several internal tools used at Apple via a post on a dark web forum.
IntelBroker posted that “In June 2024, Apple.com suffered a data breach,” presumably at their hands, that led to the exposure. The threat actor claims to have obtained source code for the following internal tools:
- AppleConnect-SSO
- Apple-HWE-Confluence-Advanced
- AppleMacroPlugin
These elements function as part of an authentication system that allows employees to access specific applications within the company’s network. The system is also integrated within Apple’s Directory Services database, which allows secure access to internal resources.
IntelBroker has yet to provide further details in the post, and it appears that the data could be for sale. Fortunately, the breach appears to be internal within Aple’s network and may have no impact on Apple customer data.
IntelBroker is also known for breaches on large organizations such as AMD, Zscaler, General Electric, AT&T, Home Depot, Barclays Bank, and government agencies such as Europol and the U.S. State Department.
Stay tuned for additional details as they become available.
Via 9to5Mac