The data was not linked to the more than 200m customer credit cards stored on the iTunes online store. The server collected survey information and therefore might have only limited use for criminals.
Nonetheless, the breach showed that a recent wave of cyberattacks designed in part to embarrass big companies would continue, even without Lulz Security, the pioneering group that drew wide attention for a similar, 50-day spree.
A potential Apple breach was publicised through a Twitter message from AnonymousIRC, one of many accounts associated with the cyberactivist collective Anonymous.
“Apple could be targeted, too. But don’t worry, we are busy elsewhere”, the Anonymous account wrote on Twitter.
When Lulz disbanded a week ago, it said some future attacks would be carried out by Anonymous and called on other hackers to continue the effort it calls AntiSec, for anti-security.
Apple declined to comment. On the surface, the breach at the largest music music would seem less serious than recent penetrations at big gaming groups such as Sony, which saw details of 100m online game players revealed.
Lulz drew big concern from the law enforcement authorities because it temporarily knocked offline public websites of the CIA and the UK Serious Organised Crime Agency and penetrated a joint venture between the FBI and the private sector.
In the UK, 19-year-old Ryan Cleary has been charged with denial-of-service attacks like that on Soca and is co-operating with authorities. Lulz has said that he played a tangential role in its operations.
In the past two weeks, the FBI searched two US residences in its probe, carting off computers from the homes of a teenager from Hamilton, Ohio, and a 29-year-old woman in Davenport, Iowa.
Material from the FBI’s probe includes evidence of internal rifts, which are proving a fruitful source of information in the inquiry. Lulz published the
Ohio teen’s address and online nicknames this month as it blamed him for the arrest of Mr Cleary. The Iowa woman told the Financial Times she was outed after leaking records of the group’s internal chats, which she did after they turned against a friend.
In an apparently unrelated attack on Monday, News Corp’s Fox News said one of its Twitter accounts, Foxnewspolitics, had been compromised and used to send out false messages stating that US president Barack Obama had been assassinated. It said it was investigating the incidents.