Another data leak case has surfaced wherein the personal details of nearly 31 million Android users using the AI.type app has been exposed on an online open database. Security researchers said that the data included names, locations, phone numbers, and Google search queries were leaked.
AI.type app offers themed keyboards for smartphones and tablets. The chief of Israeli company, who is also the developer of the app, confirmed the breach. However, he outlined that most of the data was insensitive.
Eitan Fitusi, Founder and CEO of Ai.type, told BBC that the quantity of data left visible was not as comprehensive as claimed. He added, “It was a secondary database.”
“The exposed geo-location data was inaccurate, IMEI numbers were not collected, and the company only collected information based on ads users clicked,” he clarified.
The exposed database has been made inaccessible. Mr. Fitusi expressed his confidence on the company’s security.
Ai.type has been downloaded 40 million times on the Google Play store since its launch in 2010.
Bob Diachenko from the Kromtech Security Centre, a part of security company Mackeeper, highlighted the data access asked by the app at the time of installation was “shocking”.
“Why would a keyboard and emoji application need to gather the entire data of the user’s phone or tablet?” wrote Diachenko in the report. “Based on the leaked database, they appear to collect everything from contacts to keystrokes.”
Recent data breaches have shown that access to personal data at the time of installing apps should be given only if it is relevant for the app.