Though Kylie Jenner's status as the officially ordained President of the Internet remains unchallenged, the continued global takeover initiated by that genius batch of Kardashian-Jenner app experiences earlier this week has now suffered its first (admittedly minor) setback: a brief exposure of users' personal data.
The security bug was first discovered by web developer Alaxic Smith, who stumbled upon partial login information for all of the apps' 891,240 day-one subscribers. "Initially, I thought that this was some page filled with dummy data, but as I started to look closer, I realized it wasn’t,” Smith wrote in a now-deleted post on Medium, according to Slate. "I now had access to the first names, last names, and email addresses of the 663,270 people who signed up for Kylie Jenner’s website." Smith quickly discovered the same security flaw within each of the four websites, all of which are linked to their respective apps.
Whalerock Industries, the media and technology powerhouse behind the Kardashian-Jenner launch, quickly acknowledged and corrected the security flaw. In a statement released to TechCrunch, they ensured the privacy of the apps' past, present, and future users by confirming that no one (other than Smith) had achieved access to personal information:
Shortly after launch we were alerted that there was an open Api. It was promptly closed. Our logs indicate that the author of the blog post was able to access only a limited set of names and email addresses. Our logs further indicate no one else had access and that no passwords nor payment data of any kind was exposed. Our highest priority is the security of our customers’ data.
As previously reported, the Kardashian-Jenners' ingenious no-holds-barred app onslaught has been a resounding success. In fact, current estimates place the annual collective haul for the four apps at a decidedly unfuckwithable $32 million.
