A threat actor known for pulling off major high-profile breaches is now claiming to have gotten its hands on the internal source code for three popular Apple tools. The three tools in question are identified as AppleConnect-SSO, Apple-HWE-Confluence-Advanced, and AppleMacroPlugin.
It appears that AppleConnect-SSO is the company’s single sign-on solution for employees and partners, using Apple IDs to access multiple services. The other two tools seem to be related to Apple’s hardware engineering teams and Apple’s plugin for adding custom macros, respectively.
It’s surprising, nevertheless, that Apple, known for its strict security measures and staunch defense of customer privacy, has purportedly faced a data breach. According to DarkWebInformer on X, IntelBroker has reportedly leaked internal code from Apple. “I’m releasing the internal source code to three of Apple’s commonly used tools for their internal site, thanks for reading and enjoy!” posted IntelBroker on BreachForums.
The Mac Observer reached out to Apple for clarification regarding the data breach, but as of publication, the company had not responded to our inquiries. We will update this article accordingly once we receive a response from Apple.
If the claims hold water, it might put Apple’s security practices under the microscope and pose many questions regarding how Cupertino protects its internal tools and data. The forum post by IntelBroker lacks additional specifics or explanations for the disclosed applications. Typically, major breaches involve attempts to sell data, potentially including source code, but such intentions seem absent in this instance.
Notably, IntelBroker was also behind the recent AMD data breach and is allegedly selling the compromised data about the company’s “products, spec sheets, employee databases, customer databases, property files, ROMs, source code, firmware, and finances.” In response, AMD told Reuters that it is investigating the claims made by the threat actor.