Wednesday, 6 December 2017
2 comments

Unprotected Virtual Keyboard App Leaks 31 Million Android Users Private Data

Unprotected Virtual Keyboard App Leaks 31 Million Android Users Private Data


A Virtual keyboard App Leaked 31 Million Customer Data 


Due to lack of security the app developer wasn't protect the app server database with strong password, and leave it to expose users private information.

  • 31 Million Users Database Leaked of AI.Type Android App.
  • Record contain Users Full name, Email ID.
  • Record contain Users Location including their country and city.
  • Record contain users Mobile IMSI and IMEI numbers with device model name.

AI.type is the smartest, most personalized keyboard for smartphones and tablets. With over 40 million users worldwide. AI.Type is also available on iPhone and asking for full access while downloading the App.

The App server wasn't protected and allowing to attacker to access the company's database of user record, it Approx 577GB data recorded.

The Kromtech Security researchers have discovered a massive amount of customer files leaked online and publically available. Researchers were able to access the data and details of 31,293,959 users. The misconfigured MongoDB database appears to belong to Ai.Type a Tel Aviv-based startup that designs and develops a personalized keyboard for mobile phones and tablets for both Android and iOS devices.

The database contain Android App users records, Phonebook and Contact Records.

6,435,813 records that contained data collected from users’ contact books, including names (as entered originally) and phone numbers, in total more than 373 million records scraped from registered users’ phones, which include all their contacts saved/synced on linked Google account.


Image source : mackeepersecurity
Bob Diachenko, head of communications at Kromtech Security Center:

Theoretically, it is logical that anyone who has downloaded and installed the Ai.Type virtual keyboard on their phone has had all of their phone data exposed publicly online. This presents a real danger for cyber criminals who could commit fraud or scams using such detailed information about the user. It raises the question once again if it is really worth it for consumers to submit their data in exchange for free or discounted products or services that gain full access to their devices.

2 comments:

  1. I was able to spy on my cheating ex-Husband phone without him finding out…..it really helped my lawyer during my divorce i have been scammed so many times but cyberhackpros is the best hacker i have met he helped me regain my freedom and lost money by scammers …you can contact [email protected] for spying and hacking phones,computer,email,Facebook and other social networks account,his services are cheap …[email protected] or call +1 512 605 1256,please tell him i referred you

    ReplyDelete

 
Toggle Footer
Top