Virtual Keyboard AI.Type Leaks User Data

Technology > Security

Photo By TheDigitalArtist via Pixabay

In a big data leak, popular keyboard app AI.type recently exposed the personal data of 31 million users.

According to Kromtech Security Center which exposed the leak, 577 GB of information was leaked online due to a failure on the part of the app's Israel-based developer to secure its database server which wasn't protected with a password, opening access to the company's user records.

ZDNet verifies that each record contained data such as the full names of the users, their email addresses, and the date when the keyboard app was installed. On top of that, it included the precise location of the user, down to their city and country.

It has also been reported that some of the data that was leaked included information linked to Google profiles, like birth date, gender, and photos. Other information found were 10 million email addresses and 373 million phone numbers. ZDNet says the reason the app uploaded these data remains unclear.

Despite AI.type's claim on its website that text entered on the keyboard is "encrypted and private," ZDNet has found evidence that the text was being recorded and stored by the company.

Since the free version of the app collects more data than the paid version, users of the free app had more information exposed by the leak. It also appears that only Android users were affected.

However, Eitan Fitusi, the app's creator and co-founder of AI.type, claims that any data collected is only used as "statistical information" to aid the app's prediction engine, and couldn't be linked to a user or device.

ZDNet says that the data has now been secured, following several of its attempts to contact Fitusi, who has since acknowledged the security lapse.