Ai.Type Keyboard Replacement Leaks Data for 31 Million Users

Ai.Type Keyboard Replacement Leaks Data for 31 Million Users”

Another week, another open database left online, but this latest case has shown not only sloppy security but also how much data you're giving up with some apps. 577GB of data was outed thanks to the lack of password protection for the app's database server.

Strangely, the data breach applies only to Android users of AI.type keyboards, not iOS users.

Ai.type's founder Eitan Fitusi told The Register that the MongoDB database had been secured once Kromtech had reported the issue and that the archive only contained around half of the firm's database information.

"The misconfigured MongoDB database appears to belong to Ai.Type a Tel Aviv-based startup that designs and develops a personalized keyboard for mobile phones and tablets for both Android and iOS devices", Kromtech Security Center said. And it wasn't until ZD.Net attempted to get in touch with developer Fitusi that the database was secured.

Google often warns users of the security risks that come with the use of a third-party keyboard, but AI.type touts on its website that user privacy is its "main concern" and that any entered text "stays encrypted and private".

'This presents a real danger for cyber criminals who could commit fraud or scams using such detailed information about the user.

There's more in the full blog post, but the long and the short of it is that these users are utterly exposed.

"It raises the question once again if it is really worth it for consumers to submit their data in exchange for free or discounted products or services that gain full access to their devices". This information included sensitive data such as names, phone numbers, mobile hardware identification info, email addresses and country of residence. Accompanying the numbers were the make and model of the device, its screen resolution and the version of Android it was running.

A large portion of the records also included the user's phone number and the name of their cell phone provider, and in some cases their IP address and name of their internet provider if connected to Wi-Fi. The records also contained details from users' public Google profile like email addresses, birth date, gender, and profile picture.

AI.Type also uploaded users' contacts and their phone numbers into the exposed MongoDB database.

This is once again a wakeup call for any company that gathers and stores data on their customers to protect, secure, and audit their data privacy practices.

'It is clear that data is valuable and everyone wants access to it for different reasons. They feature word prediction, emoji suggestions, customized layouts, and more.

Like this


06 December 2017
Kate Steinle murder verdict sparks legislation to hold elected officials criminally responsible
If convicted, he could face up to 10 years in a federal prison, according to the Department of Justice. Steinle, 32, was fatally shot on San Francisco's Pier 14 on July 1, 2015.

06 December 2017
Lexus Teases LF-1 Limitless Concept Ahead of Detroit Reveal
Stay tuned because Lexus is expected to continue to tease its LF-1 in the build to the Detroit show. Above the rear window is what appears to be a spoiler with LED accent lights on it.

06 December 2017
Reggie Yates misses Xmas TOTP over 'Jewish guy' remark
The presenter stepped down after coming under fire over the controversial comments, which he admitted had "hurt many people". Shortly after the incident, Reggie released this statement: "I'm hugely apologetic for this flippant comment".

06 December 2017
Corning (GLW) Getting Somewhat Favorable News Coverage, Report Shows
Guggenheim reissued a "buy" rating and issued a $35.00 price target on shares of Corning in a report on Tuesday, August 15th. The electronics maker reported $0.39 EPS for the quarter, beating the Thomson Reuters' consensus estimate of $0.35 by $0.04.

06 December 2017
Pink reveals the important dating advice she shared with her daughter
Pink is never afraid to tell it like it is, and that extends to offering dating advice to her 6-year-old daughter, Willow . Luckily, Twitter users clarified that Pink isn't forcing her kids to embrace transgressive gender roles.

06 December 2017
Former ACA Reporter Ben McCormack Avoids Jail Term Over Child Porn
McCormack was sensationally arrested back in April after a sting by NSW Police. McCormack pleaded guilty to the offences in September. I'll always have the attraction".

06 December 2017
Tokyo Financial Exchange Plans to Launch Bitcoin Futures Contracts in 2018
Thus, futures trading on bitcoin the CBOE will begin earlier than its largest rival, CME Group Inc., which plans to launch futures trading for bitcoin on 18 December.

06 December 2017
Man charged with killing teen girl found shot in crashed auto
School officials said grief counselors are on hand at both Wilby high school and another high school Santiago previously attended. Pittman, 27, and the teen reportedly were in a relationship, but no motive for the shooting has been released.

06 December 2017
California wildfires temporarily shut down production of HBO show
A brush fire being called the Rye Fire has affected the area, resulting in the nearby freeway being closed in both directions. As of now. the production suspensions are only in effect for today, with production to resume when the fire can be contained.

06 December 2017
Guardiola Welcomes Fergie time After Another City Late Show
Manchester City will go into next week's hotly anticipated Derby against Manchester United eight points clear at the top of the Premier League .