Leave a comment

More than 600,000 users exposed by Kardashian security flaw

More than 600,000 users exposed by Kardashian security flaw
photo courtesy of SHUTTERSTOCK

You don't read as much about the Kardashians on my site as you do on others. That's because I prefer to stick to tech! But in this case, keeping up with the latest major data breach means keeping up with the Kardashians.

Earlier this week, Kim and Khloe Kardashian and their two younger sisters, Kylie and Kendall Jenner, released paid apps and accompanying websites that let their fans have access to "a unique and personal look into their lives." This includes diary entries, beauty tips, live videos and workout tips.

Just last year, Kim Kardashian released a mobile game that earned her around $85 million, so an app for the other sisters seemed to make sense.

However, one security researcher found that the intimate look into their lives might be a little bit too personal. More than 600,000 users who signed up for the sisters' apps and websites could have their full names and email addresses exposed to hackers.

Just by poking around in the JavaScript for fun, researcher Alaxic Smith discovered that not only could he access user information, he also had the power to create and cancel user accounts, as well as add and delete photos and videos, all thanks to an unsecured API.

Smith then posted his findings to his blog. Since then, the company behind the apps - Whalerock Industries - has issued a statement and maintains that none of the data was exposed or is in any danger:

Shortly after launch we were alerted that there was an open Api. It was promptly closed. Our logs indicate that the author of the blog post was able to access only a limited set of names and email addresses. Our logs further indicate no one else had access and that no passwords nor payment data of any kind was exposed. Our highest priority is the security of our customers’ data.

This isn't the first time the Kardashians have come under scrutiny about what they do online. Click here to see the disaster that is the #KylieJennerChallenge.

Next Story
Source: TechCrunch
Serious hacking attacks hit the world's top router brand
Previous Happening Now

Serious hacking attacks hit the world's top router brand

Beware: New ATM malware eats your card
Next Happening Now

Beware: New ATM malware eats your card

View Comments ()