The Kardashian clan may know a lot about business (so to speak), but it appears they don’t know that much about technology. A young developer recently revealed a security hole on Kylie Jenner’s website, with which he was easily able to gain access to the names and email addresses of more than 600,000 users.
News of the security flaw came to light Wednesday, when 19-year-old developer, Alaxic Smith published a blog post on Medium, detailing his exploits. Out of curiosity, Smith downloaded and installed the Kylie Jenner application and then decided to see if and how he could tinker account with the back end of her Website, TheKylieJenner.com.
In Smith’s blog post, which has since been deleted, he mentions, while his ability to access the names and email address of these website members was a minor security breach, it calls into question, whether there could be other security holes on these mediums. He wonders if a more nefarious users could easily gain access to personal or payment information of members that subscribe to premium content provided by the famous family.
However, Whalerock Industries, the company, which hosts the Kardashian and Jenner websites, says members’ personal or payment information remained safe, despite the security hole. The open API has also now been patched. Smith is working with the company and has agreed to not speak further about his discovery or speak to the press, according to Tech Crunch.
Whalerock told Tech Crunch that payment transactions primarily go through Kardashian and Jenner’s mobile applications and not either websites, also noting that it works with a third party payment solution to processes online transactions.