Categories: SecurityVirus

Kardashian Fans At Risk From Insecure App, Websites

Fans of reality television’s favourite family may want to check their passwords following the news that an app dedicated to the Kardashian clan has been compromised.

Up to 800,000 users of an ‘exclusive’ app which promised to offer all the hottest and latest news Kim, Khloe and Kendall et al may be at risk.

That’s according to HotforSecurity, which found that one of the app’s users was able to access the names and email addresses of thousands of other subscribers.

Flawed

Nineteen-year-old web developer Alaxic Smith, who said he downloaded the app ‘out of curiosity’, found that when he logged into the website dedicated to Kylie Jenner with his own username and password, he was able to access the names and email addresses of 663,270 of her signed-up fans.

Smith also found that the apps were designed with an open and unsecured API, meaning that he was able to create and destroy users, photos and videos. And this wasn’t just true of Kylie Jenner’s website, but also those of her siblings Kim Kardashian, Khloe Kardashian and Kendall Jenner.

Smith says he has reached out to Whalerock Digital Media, the firm behind the Kardashian clan’s apps, and advised them on the problem can be fixed. The company later told TechCrunch that it had closed its API, and that Smith was only able to access “a limited set of names and email addresses.”

“Our logs further indicate no one else had access and that no passwords nor payment data of any kind was exposed. Our highest priority is the security of our customers’ data,” Whalerock said.

The flaw marks the second time a Kardashian has put her fans at risk, after naked photos of Kim Kardashian were among those leaked in the celebrity iCloud photo scandal of last winter.

Are you a security pro? Try our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

3 days ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

3 days ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

3 days ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

3 days ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

3 days ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

4 days ago