David Hanak Over the past two days, quite a lot of information has appeared on the Internet about a huge data breach that affected some users using the ai.type keyboard add-on. This is a classic additional keyboard that can be installed by users of both the iOS platform and those using the Android platform. As it now turns out, a database of more than thirty-one million users who used ai.type made it onto the Internet. This database got onto the website by mistake, but it contained quite sensitive data.
It could be interest you
The original report came from Kromtech Security, which released a report on Tuesday that the collection database that stored information about users using ai.type was misconfigured and the data is freely available on the web. According to the original information, the information of 31 users was leaked in this way.
Gallery
In addition, this is relatively sensitive information. Within the leaked data, it is possible to find phone numbers, full user names, device name and model, operator used, screen resolution and device location. This list is available for keyboard users on the iOS platform. In the case of the Android platform, significantly more information was leaked. In addition to those mentioned above, these are, for example, IMSI and IMEI numbers, e-mail boxes associated with the phone, country of residence, links and information associated with profiles on social networks, including dates of birth, photos, IP addresses and location data.
To make matters worse, roughly 6,4 million records also contain detailed information about the contacts that were on the phone. Altogether, this amounts to roughly 373 million leaked personal data. Kromtech Security's Director of Communications issued the following statement:
It stands to reason that anyone who had the ai.type keyboard installed on their device fell victim to this massive data breach where their sensitive data was publicly available on the internet. This can prove to be particularly dangerous when the data leaked in this way is used for further criminal activity. So the question arises again, whether sharing their private data and information is worth it for users to get a free or discounted product in return.
ai.type keyboard requires comprehensive access to phone/tablet data after installation. However, the developers boast that they will not use any secured personal data in any way. As it now turns out, there is quite a lot of data being collected. Representatives of the company try to deny some content of the database (such as the presence of serial numbers of phones) in the media. However, they do not argue about the availability of the database freely on the Internet. Everything is said to be secured again since the leak.
Source: Appleinsider, Mackeepsecurity
For these reasons I only use the native keyboard and no other.