Skip to main content

The Kardashians’ new websites mistakenly publicized personal user info

kardashians new websites expose user data screen shot 2015 09 17 at 3 49 34 pm

In conjunction with the release of their new apps, which allow fans to subscribe to exclusive content from the celebrities for a nominal monthly fee, the Kardashian-Jenner sisters have decided to each launch their own new websites this week. Of course, signing up as an early adopter of just about anything, there’s always the risk of something bad happening as a result.

In the case of the new Kardashian sites, you were opening a window to your personal data. But you’re not alone. In fact, the names and email addresses of about 891,340 users were exposed due to a flaw in the code which left the API open for everyone to see. This was discovered only a few hours after the apps and websites launched, with 19-year-old Web developer Alaxic Smith discovering the hole.

Related Videos

As the creator of his own community-driven, celebrity-focused app, Communly, Smith decided to start meddling in the sisters’ code to compare the data they were collecting to his own. Little did he know, the personal information of all their registrants would be so easily accessible, an amateur hacker’s dream come to life.

“I now had access to the first names, last name, and email addresses of the 663,270 people who signed up for Kylie Jenner’s website,” Smith wrote in a Medium post. “I then noticed that I could do the same API call across each of the websites and return the same exact data for each site. I also had the ability to create/destroy users, photos, videos, and more. It’s clear why this is a major issue, and raises the question: Should users trust not only their personal information but also payment information with these apps?”

Fortunately, Smith reached out to Whalerock Digital Media, the company behind the sites and apps who initially made him take the Medium post down while cautioning against speaking with the media about the security oversight. After that, the media agency assured Tech Crunch that the problem has been fixed and that any payments made prior to the patch have been secured.

In case you are one of those affected, the most harm you can expect is a few spam emails since no credit card information was leaked. And unless you’ve never agreed to a privacy policy without reading it, there’s a good chance you receive some of those already. In closing, while you shouldn’t expect this to be another Ashley Madison ordeal, it can always be a bit frustrating when your personal info has been outed.

Editors' Recommendations

Grammarly’s new ChatGPT-like AI generator can do a lot more than proofread your writing
GrammarlyGO's Rewrite for Length feature is shown.

Grammarly, one of the biggest names in writing tools, is adding AI-generated text to its repertoire on the heels of the wild popularity of ChatGPT. Known as GrammarlyGO, this new tool is focused on improving writing rather than replacing the writer.

GrammarlyGO will roll out in beta form to existing users in April. All tiers, including developers, business, education, and premium users, will have access. You can even use GrammarlyGO with a free account.

Read more
Twitter API broke links, images on the website this morning
A stylized composite of the Twitter logo.

Twitter broke in several places this morning, likely due to Twitter's own API. Slow load times, broken links, and services like TweetDeck went down on Monday, displaying an error related to Twitter's API. This is not the first hurdle Twitter has seen due to its API under the new leadership of Elon Musk.

When using a link on Twitter or accessing a service like TweetDeck, you would see this message: "{"errors":[{"message":"Your current API plan does not include access to this endpoint, please see https://developer.twitter.com/en/docs/twitter-api for more information","code":467}]}" That's not too helpful -- going to the website address in the error would take you to a page with the same error.

Read more
The most common Slack issues and how to fix them
Slack NYSE

Even if you know all the best Slack tips, you can still run into Slack issues. If you work from home, or if Slack just happens to be the best way to communicate with your co-workers, then you know how important it is for the app to run smoothly.

But in the event it doesn't, we've got your back. In this guide, we're taking a look at five of the most common Slack issues and show you how to fix them so you can get your workday up and running again.
Trouble connecting to Slack

Read more