Kardashian websites exposed user data

By on
Kardashian websites exposed user data

Social media websites blew up earlier this week when the Kardashian sisters launched their own line of apps and websites to provide fans with exclusive content.

On Kylie Jenner's app, for example, the teen star posts photos and blog entries, similar to those she posts on Snapchat or Instagram. While hundreds of thousands of people scrambled to purchase a subscription for the content, one developer, Alaxic Smith, explored the websites' buried code.

He found that for a brief period, all the websites exposed users' subscriber information, including their first names, last names and email addresses. Exploiting a flaw in one of the sites' APIs, Smith could also create or delete users, photos and videos, he wrote on a now-cached Medium post.

The website creator, Whalerock Industries, confirmed the breach and said it patched the open API. No one else exploited the flaw, the company said. 

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

What's your reaction to Microsoft shifting Azure prices into $US?
Upset that we'll pay more
We'll manage it, but wish prices were consistent
Not a problem - we already purchase in $US
We'll move to other clouds
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?