Insights For Success

Strategy, Innovation, Leadership and Security

AI.Type Android Keyboard leaks data from 31M users

GeneralEdward KiledjianComment
firefighters-808901_1920.jpg


ZDNet got the scoop on this significant leak. AI.type, a third-party keyboard replacement for Android has leaked data for its 31 million users online. 

How did this happen? A database administrator didn't secure the database.  Anyone with basic skills could access and query the unprotected database and "have fun" with the 577 GB of data it contained.

What type of data leaked? The leak includes fun elements like name, email address, precise user geolocation data, city and country. Researchers have also found [that some records contain] phone numbers, IP addresses dates of birth, gender, etc.

Why stop there? Researchers also found that some user contacts were in the database. One table contained ~375M telephone numbers.

This is a perfect example why Apple forces users to enter passwords and sensitive information using their native keyboard (even if the user has chosen to install a third party one.)

On Android, I use the Google keyboard for this exact reason. Another alternative is Swiftkey, which now belongs to Microsoft (another company I would trust).