The personal user data of around 31 million users of the popular virtual keyboard app AI.type has been confirmed to have been compromised and leaked. The company server – the source of the leak – was finally secured over the weekend, but not before a huge amount of data was leaked.
Eitan Fitusi, co-founder of AI.type, acknowledged that he owned the server and that he had failed to secure the database. The server was not protected with a password, so the data was immediately accessible to anyone with knowledge of how to retrieve it. More than 577 gigabytes (GB) of sensitive user data has been compromised.
The data includes the user’s full name, email addresses, and how many days AI.type has been installed on the user’s device. Dangerously, the records also included a user’s precise location, including their city and country. But sadly, that is not all.
There are more detailed records for those who purchased the full version of the app. These include the device’s IMEI number, the device’s make and model, screen resolution, and the device’s specific Android version. A large portion of the data also included the user’s phone number and the name of their mobile provider. In some cases, even IP address and internet provider names were included. Many records also contained specific details of a user’s public Google profile, including email addresses, dates of birth, genders, and profile photos.
SOURCE: ZDNet