The recent iCloud breach will forever go down in infamy, and while Apple claims that it didn’t know about the exploited vulnerabilities a developer claims he informed Apple of the vulnerabilities over six months ago.
Ibrahim Balic claims that he found a way to hack into iCloud in March and forwarded the email exchange to The Daily Dot. It’s not clear if it’s the exact same vulnerability as the one used in the recent hack, but since it involve Balic trying up to 20,000 passwords on individual accounts it’s likely to be very similar.
The vulnerability apparently remained unfixed, as Apple officials apparently continue to question Balic about the discovery. While it could be that it’s not the same issue that caused the mass breach, it would be even more disturbing if it was, in fact, another gaping flaw in iCloud security.
Apple has not commented on the authenticity of Balic’s claims, but if it’s true then Tim Cook’s proposed improvements to Apple’s security should definitely take white-hat hackers more seriously.