Keyboard app AI.type leaks data of 31m users

The personal data of over 31 million customers has been leaked online after the developers of popular virtual keyboard app, AI.type failed to secure the server that housed the database containing all of the user information their software had collected. 

The company's server was not protected by a password which allowed anyone to access the 577 gigabytes of sensitive data stored on it.  IOS users were not affected as the database only contained records on the Android users of AI.type. 

Researchers at Kromtech Security Center discovered the leak and tried several times to contact the company's co-founder, Eitan Fitusi who owns the server.  Eventually the data contained on the server was secured and AI.type acknowledged that a security breach had occurred over the past weekend. 

The records themselves contain each user's full name, email address, how long they have had the app installed as well as precise details on their exact geographical location.  Users that opted for the free version of AI.type agreed to have more of their data collected such as their smartphone's make and model, IMEI number and Android version in the app's privacy policy which the company then used for monetisation.    

A large number of the records also included the phone number and telecom provider of users as well as some specific details of their public Google profile including their dates of birth, genders, profile photos and email addresses. 

The security breach of AI.type is yet another constant reminder of the dangers of using free apps over paid ones and users should always think twice before installing new apps on their mobile devices. 

Image Credit: Gilles Lambert / Unsplash