Ai.Type has leaked user data for some 31 million customers, according to Kromtech Security Center. In a blog post at Kromtech’s MacKeeper site, the company said the user data was exposed—rather than hacked—most likely by misconfiguration of a MongoDB database.
Ai.Type Data Leak
Kromtech found user data from some 31,293,959 users of Ai.Type keyboard replacements for both Android and iOS on the Internet. According to the blog post, that data included:
Phone number, full name of the owner, device name and model, mobile network name, SMS number, screen resolution, user languages enabled, Android version, IMSI number (international mobile subscriber identity used for interconnection), IMEI number (a unique number given to every single mobile phone), emails associated with the phone, country of residence, links and the information associated with the social media profiles (birth date, title, emails etc.) and photo (links to Google+, Facebook etc.), IP (if available), location details (long/lat).
In addition, the firm found 6,435,813 records, “that contained data collected from users’ contact books, including names (as entered originally) and phone numbers” of contacts scraped from users’ devices.
There’s more in the full blog post, but the long and the short of it is that these users are utterly exposed.
Ai.Type is an Israeli firm whose keyboard replacements leverage machine learning to make them better. They feature word prediction, emoji suggestions, customized layouts, and more. The company’s keyboard replacements have been popular, especially on Android, and they were one of the early comers to iOS when Apple opened up to keyboard replacements.
iOS apps include: