Popular AI.type Keyboard App Leaks Personal Data Of 31 Million Users

More than 31 million users have had personal information leaked by AI.type, a popular virtual keyboard app that’s been downloaded more than 40 million times for Android.

AI.type

Though AI.type is available for both Android and Apple’s iOS operating systems, only Android users appear to be affected by the leak. Kromtech Security Center researchers say that AI.type “accidentally exposed their entire 577GB Mongo-hosted database to anyone with an internet connection.”

Data Exposed

That database included phone numbers, full names, device name and model, SMS numbers, unique IMEI numbers for each device, email address, links to social media profiles, and precise location details. Furthermore, data was also taken from users’ contact lists, so phone numbers and email addresses of people who weren’t even using the app could have been compromised.

ZDNet verified the leak by obtaining a portion of the database seen by Kromtech, while noting that AI.type’s server wasn’t protected with a password. The free version of the app also collects more data than the paid version of the app, so those using the free app would potentially have more personal information exposed. AI.type’s developer acknowledged the leak, and the data has since been secured.

Keyboard Apps: Worth It?

Virtual keyboard apps generally ask for full access to your phone’s keyboard. Like many of these apps, AI.type is given read access to everything you type, in addition to text messages and photo/video access.

 

But AI.type’s database was not encrypted, and ZDNet also claims that “text entered on the keyboard does get recorded and stored by the company, though to what extent remains unclear.”

 

While many readers may use a virtual keyboard app, it’s time to take a closer look at whether it’s really necessary to do so, if you haven’t already. As Kromtech head Bob Diachenko wrote, “It raises the question once again if it is really worth it for consumers to submit their data in exchange for free or discounted products or services that gain full access to their devices.”

Phil Dzikiy

Phil Dzikiy

Phil Dzikiy is the former editor in chief of Security Baron. Before, he has worked as a freelance writer and editor at websites like Wirecutter.com and iLounge.com along with publications like the Lockport Union Sun & Journal and the Greater Niagara Newspapers. With digital and print experience under his belt, Phil has a passion for all things technology including home security, cyber security, and the smart home. His bachelor's degree in Journalism from the University of Maryland College Park initially landed Phil his first job at the Beaver County Times, which has lead to over 15 years of experience as a journalist.

Leave a Comment

Trending News

Follow Us

Reviews