A young developer, poking around the code of Kylie Jenner‘s new website, was able to access the full names and email addresses of over 600,000 users.
In addition to personal info, Alaxic Smith, 19, was able to create, alter and destroy user photos, videos and more.
Smith, who exposed the website’s vulnerabilities for the fun of it, says he’s not seeking to release any of the info, rather he’s just giving Kylie a “heads up.”
I’ll admit I downloaded Kylie’s app just to check it out. I also checked out the website, and just like most developers, I decided to take a look around to see what was powering the site. After I started digging a little bit deeper, I found a JavaScript file namedkylie.min.75c4ceae105ad8689f88270895e77cb0_gz.js. Just for fun, I decided to un-minify this file to see what kind of data they were collecting from users and other metrics they may be tracking. I saw several calls to an API, which of course made sense. I popped one of those endpoints into my browser, and got an error just liked I expected. h/t techcrunch
If I were Kylie, I’d be expecting a nice refund from the developers! And if I was a Kylie subscriber, I’d be expecting a nice refund from her!
BANCROFT, WV. (THECOUNT) -- West Virginia State Police are investigating after the body of a…
FORREST COUNTY, MISS. (THECOUNT) -- Louis Claiborne III, 28, of Newton, Mississippi, has been identified…
JACKSON, MS. (THECOUNT) -- Jaret Raney, an 18-year-old from Clinton, Mississippi, was killed Wednesday evening…
STATESVILLE, NC. (THECOUNT) -- A private aircraft owned by NASCAR driver Greg Biffle crashed Thursday…
ATLANTA, GA. (THECOUNT) -- Gil Gerard, the actor best known for starring as Buck Rogers…
STOCKTON, CA. (THECOUNT) -- Arianna Rowland Buzenes, a 23-year-old woman from Stockton, California, was found…