AI.type, a popular virtual keyboard application on Android is coming under fire for allegedly leaving its servers unprotected, which has now resulted in the leak of user data. It is estimated that nearly 31 million users have their data out in the open, which can be accessed by pretty much everyone. The revelations were made by security researchers at the Kromtech Security Center along with ZDNet.
Data includes details on the user’s precise location, email address, full name, and information on how long the app was installed on their device. The server in question is owned by Eitan Fitusi, who is also the co-founder of AI.type. It is said that the server didn’t have a password, leaving it vulnerable for an attack like this.
There are complete records available in some of the data as well. This includes the device’s make, model number, screen resolution, the Android version it’s running, IMSI/IMEI numbers, phone numbers, and even the user’s IP address if their device was connected to a WiFi network.
It’s safe to say that AI.type is definitely going to be under fire after this revelation. It must be noted that the free version of AI.type reportedly collected more data than the paid version of the app. This doesn’t necessarily mean that those who paid for the app are safe, but it seems like paid users didn’t have all of their personal information stored on AI.type’s servers. It’s still pretty unclear as to what AI.type wanted to do with all that data. Perhaps further investigations will reveal the company’s intentions.
[Via ZDNet]Like this post? Share it!