Kylie Jenner Lip Kit Website Exposed Customer Data
Accidentally leaked credentials; Software vulnerability
The cosmetics website of the Kardashian sister has been inadvertently leaking personal information to other clients.
Here's how the situation played out: When someone tried to log into the site, it sent them to an existing customer's account, revealing names, email addresses, personal addresses, order history, etc. Every time a customer refreshed the site, it sent them to another customer's account.
Customers of Kylie Cosmetics complained to her people. Her staff had no idea it was happening, and just made a quick, temporary fix, TMZ reported on Monday, April 11.
"A lot of people could have had their info compromised, because Monday was restock day for Kylie's Lip Kit -- which sold out immediately with over a million kits bought," according to TMZ.
Web Services; Retailer
April 11, 2016
Link to report
location of breach
location of perpetrators
date breach occurred
date breach detected