Sensitive Data of 31 Million Users Exposed by Developers of Popular Virtual Keyboard App

By Jessica Ferrera, Christian Post Contributor

A popular virtual keyboard has reportedly compromised private data from 31 million users.

Another massive personal information leak was recently revealed by Kromtech Security Center. According to the cyber security firm, data belonging to 31,293,959 users were found online and could be accessed by the public because of a "misconfigured MongoDB database."

Kromtech added that the faulty database was owned by the Israeli developer Ai.Type, a startup known for offering personalized keyboards for mobile devices running on Android and iOS.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

The security firm also noted that the release of the users' details -- which amount to 577 GB worth of files -- happened by accident. Unfortunately, the error in Ai.Type's MongoDB database enabled anyone with access to the internet to view or download the leaked data.

Kromtech further explained that the use of MongoDB for remote data storage was common but "a simple misconfiguration" could lead to the massive leak, such as what happened with Ai.Type.

According to the report, the compromised data included very sensitive information about  Ai.Type's users such as their full names, phone numbers, and the kind of mobile device that they had. Kromtech added that very specific details about the user's smartphone were also included in the leaked data.

More than 31 million people who installed the Ai.Type virtual keyboard reportedly had their mobile network name, SMS number, screen resolution, user languages enabled, Android version and other pieces of information in the database.

The leak also included very specific and sensitive details like the device's International Mobile Subscriber Identity and unique IMEI numbers, the email linked to the smartphone, as well as information on users' social media accounts, location data, and even photos.

In light of the multi-million information leak, Kromtech's Bob Diachenko commented: "This presents a real danger for cyber criminals who could commit fraud or scams using such detailed information about the user. It raises the question once again if it is really worth it for consumers to submit their data in exchange for free or discounted products or services that gain full access to their devices."

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

$25/month$50/quarter$100/yearOne-time

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.