A young developer, poking around the code of Kylie Jenner‘s new website, was able to access the full names and email addresses of over 600,000 users.

In addition to personal info, Alaxic Smith, 19, was able to create, alter and destroy user photos, videos and more.


kylie jenner website hacked 4

Smith, who exposed the website’s vulnerabilities for the fun of it, says he’s not seeking to release any of the info, rather he’s just giving Kylie a “heads up.”

I’ll admit I downloaded Kylie’s app just to check it out. I also checked out the website, and just like most developers, I decided to take a look around to see what was powering the site. After I started digging a little bit deeper, I found a JavaScript file namedkylie.min.75c4ceae105ad8689f88270895e77cb0_gz.js. Just for fun, I decided to un-minify this file to see what kind of data they were collecting from users and other metrics they may be tracking. I saw several calls to an API, which of course made sense. I popped one of those endpoints into my browser, and got an error just liked I expected. h/t techcrunch

kylie jenner hacked website

If I were Kylie, I’d be expecting a nice refund from the developers! And if I was a Kylie subscriber, I’d be expecting a nice refund from her!

Have Something To Add To This Story?
Comment Your Thoughts Below!
Share This Post With Friends And Family!