Hacker Claims Theft of Apple’s Internal Tool Source Code

A hacker known as IntelBroker has announced on BreachForums that they have stolen the source code for several of Apple’s internal tools. According to the message posted by the hacker, “in June 2024, a data breach occurred at Apple.com,” which allegedly led to the exposure of this information. IntelBroker claims to have obtained the source code for the following internal Apple tools: AppleConnect-SSO, Apple-HWE-Confluence-Advanced, and AppleMacroPlugin.

As reported by 9to5Mac, little is known about Apple-HWE-Confluence-Advanced and AppleMacroPlugin. However, AppleConnect-SSO is an authentication system that allows employees to access certain applications within Apple’s network. This system is integrated with the Directory Services database, providing secure access to internal resources. For example, iOS apps intended for employees only use AppleConnect-SSO for fast and secure authentication. A former Apple retail employee told reporters that AppleConnect serves as the employee equivalent of an Apple ID and is used to access all internal systems except email. The tool is integrated into many internal services used by Apple Store staff, including Concierge, EasyPay, and MobileGenius, as well as the AppleWeb and PeopleWeb sites, among others.

The publication emphasizes that the alleged leak appears to be limited to internal company data and is unlikely to affect Apple customer information.

In their post, IntelBroker did not disclose any additional details. It appears the hacker intends to sell the allegedly stolen data from Apple.

It’s worth noting that IntelBroker has recently been responsible for leaking data stolen from a number of U.S. government agencies, including the State Department, the Department of Defense and the U.S. Army, as well as Immigration and Customs Enforcement (ICE) and U.S. Citizenship and Immigration Services (USCIS).

Additionally, IntelBroker has been linked to other high-profile incidents, including a data breach affecting members and staff of the U.S. House of Representatives, the hacking of Hewlett Packard Enterprise (HPE), data leaks from General Electric, and a breach involving the Five Eyes intelligence alliance, among others.

Last month, IntelBroker also claimed responsibility for hacking the Europol Platform for Experts (EPE) portal, stating that they stole “For Official Use Only” documents and files containing classified information from Europol. Shortly after, law enforcement attempted to shut down the BreachForums hacker forum, where the data was being sold, for the second time. However, the site soon resumed operations.