- Apr 21, 2016
- 3,409
If you’ve been using the keyboard app developed by Ai.Type there’s a good chance that your personal information has been exposed online, as security researchers discovered that the company silently collected data and stored it in a misconfigured MongoDB database.
Security vendor Kromtech estimates that sensitive data belonging to approximately 31 million users was included in the database, with found entries proving the keyboard app logged pretty much any keystroke no matter if it was just standard text or passwords.
While the developing company says it doesn’t collect information from password fields and all data is encrypted, ZDNet reveals the database discovered by Kromtech included everything from users’ full names, email addresses, location, device make, model, and IMEI, screen resolution, and Android versions. More personal information collected from social media was also found, like dates of birth, genders, profile photos, contacts, and even passwords.
Kromtech says the 577 GB database was exposed online and was freely available to anyone with an Internet connection, with no less than 31,293,959 records discovered.
There were 6,435,813 entries with information collected from contact books, including names and phone numbers, and the security vendor estimates the keyboard app stored more than 373 million records on the parent company’s servers.
Read more: Android Keyboard App Collected and Leaked Personal Data of 31 Million Users
Security vendor Kromtech estimates that sensitive data belonging to approximately 31 million users was included in the database, with found entries proving the keyboard app logged pretty much any keystroke no matter if it was just standard text or passwords.
While the developing company says it doesn’t collect information from password fields and all data is encrypted, ZDNet reveals the database discovered by Kromtech included everything from users’ full names, email addresses, location, device make, model, and IMEI, screen resolution, and Android versions. More personal information collected from social media was also found, like dates of birth, genders, profile photos, contacts, and even passwords.
Kromtech says the 577 GB database was exposed online and was freely available to anyone with an Internet connection, with no less than 31,293,959 records discovered.
There were 6,435,813 entries with information collected from contact books, including names and phone numbers, and the security vendor estimates the keyboard app stored more than 373 million records on the parent company’s servers.
Read more: Android Keyboard App Collected and Leaked Personal Data of 31 Million Users
