The "Ai.type" keyboard collected more data than needed: a database of 31 million users leaked onto the Internet

577 gigabytes of information about users of the virtual keyboard "Ai.type", which has been downloaded almost 40 million times, was available to anyone on the Internet. The company that develops the keyboard for Android and iOS, initially a startup and now an ordinary company, misconfigured the security of its MongoDB database, which (unfortunately) was reachable online. As a result, anyone with Internet access could download or even delete the entire database. Kromtech Security Center reported the incident.

Too many permissions

Mobile applications often request more permissions than they really need to operate. When the researchers installed Ai.type, they learned that they had to allow the keyboard to access "all" information stored on the iPhone.

The keyboard requests "full" access to the phone.

The database leak revealed how much data the company has been gathering since 2010 about its 31,293,959 users. According to statistics, the Ai.type application has been downloaded from Google Play, in various languages, about 40 million times. The disclosed information included:

  • phone numbers,
  • first name and last name,
  • device model,
  • name of the cellular network,
  • the numbers to which SMS messages were sent,
  • screen resolution,
  • enabled languages,
  • Android version,
  • IMSI number,
  • IMEI number,
  • e-mail messages,
  • home country,
  • links and information related to social profiles, as well as photos from Google+ and Facebook,
  • location details.

A database dump.

The data also included phone address books with a total of 6,435,813 records identifying other users, namely:

  • written names
  • their phone numbers

Database tables.

In addition to the above, the database contained over 373 million records of other information collected from users' phones, including all third-party contacts that were stored on the device or synchronized with a Google account.

If you are still using the Ai.type virtual keyboard, uninstall this spyware immediately.


We use the Google Cloud Translation and Gengo APIs to translate articles, with the exception of our comparative tests.