It’s a sad world; the new Kardashian and Jenner apps have taken over the App Store as of late – with Kylie Jenner’s app soaring to the No. 1 spot.
But just because you have a best-selling app doesn’t mean it’s the most efficient.
A security flaw has reportedly exposed the personal information of every one of the first 891,240 users of both the Kardashians’ and the Jenners’ websites associated with the apps.
The information includes first and last names, as well as email addresses. How humiliating for some, we imagine.
A developer named Alaxic Smith discovered the security bug by playing around on the Kardashian and Jenner websites, where he came across an unsecure part of the site, which contained partial login information for all app users.
“Initially, I thought that this was some page filled with dummy data, but as I started to look closer, I realized it wasn’t,” he wrote on Medium. (Before the post was taken down.) “I now had access to the first names, last names, and email addresses of the 663,270 people who signed up for Kylie Jenner’s website.”
He also found he could create or destroy users’ photos and videos.
He said that all the sisters’ sites, which were made by Whalerock Industries, had the same flaw.
The company has since addressed the problem and issued this statement to TechCrunch:
“Shortly after launch we were alerted that there was an open Api. It was promptly closed. Our logs indicate that the author of the blog post was able to access only a limited set of names and email addresses. Our logs further indicate no one else had access and that no passwords nor payment data of any kind was exposed. Our highest priority is the security of our customers’ data.”
Well, at least that’s some reassuring news for closet Keeping Up With the Kardashians fans.
Still, seems like a pretty major oversight in a family that pays attention to every detail.