A young developer, poking around the code of Kylie Jenner‘s new website, was able to access the full names and email addresses of over 600,000 users.
In addition to personal info, Alaxic Smith, 19, was able to create, alter and destroy user photos, videos and more.
Smith, who exposed the website’s vulnerabilities for the fun of it, says he’s not seeking to release any of the info, rather he’s just giving Kylie a “heads up.”
I’ll admit I downloaded Kylie’s app just to check it out. I also checked out the website, and just like most developers, I decided to take a look around to see what was powering the site. After I started digging a little bit deeper, I found a JavaScript file namedkylie.min.75c4ceae105ad8689f88270895e77cb0_gz.js. Just for fun, I decided to un-minify this file to see what kind of data they were collecting from users and other metrics they may be tracking. I saw several calls to an API, which of course made sense. I popped one of those endpoints into my browser, and got an error just liked I expected. h/t techcrunch
If I were Kylie, I’d be expecting a nice refund from the developers! And if I was a Kylie subscriber, I’d be expecting a nice refund from her!
LAKE COUNTY, IN. (THECOUNT) — Rylee Hanson has been identified as the victim killed in an…
FAYETTE COUNTY, AL (THECOUNT) — Brianna Hope Marchman and Javarius Walker have been identified as…
TIPP CITY, OH (THECOUNT) Caleb Flynn, previously reported in connection with what authorities initially believed…
WALKER COUNTY, AL (THECOUNT) — Whittney M. Barrentine and Chester G. Brown have been identified…
SAN ANTONIO, TX (THECOUNT) — Brittani Flanders has been identified as the woman who died…
JACKSONVILLE, FL (THECOUNT) — Janarious Mykel Wheeler, known professionally as Lil Poppa, has died from…