If usesτε την εφαρμογή πληκτρολογίου που αναπτύχθηκε από την Ai.Type, οι προσωπικές σας πληροφορίες μάλλον έχουν διαρρεύσει, καθώς researchers security researchers discovered that the company was secretly collecting data and storing it in a MongoDB database.
Security company Kromtech estimates that sensitive data belonging to about 31 million users is included in this database, and entries have been found to show that the keyboard application recorded almost every keystroke, whether it was plain text or passwords.
While the app's developer says it doesn't collect information from password fields and that all data is encrypted, ZDNet reveals that the database discovered by Kromtech included everything from full user names, email addresses, geographic location, the device, model, IMEI , and Android versions. It also includes more personal information collected from social media, such as dates of birth, gender, profile pictures, contacts and even passwords.
Η Kromtech says the database is 577 GB and was exposed on the Internet. The database was freely available to anyone with an Internet connection, and contains at least 31.293.959 files.
There are 6.435.813 entries with information gathered from contact lists, including phone numbers and names. The security company estimates that the keyboard application has stored more than 373 millions of records on the servers of the company that developed it.
In most cases, the applications third-party keyboards require full access to Android data, and the functional Google warns that this could cause problems.
The Ai.Type keyboard application is also available for the iPhone and also requires full access, but it is currently unclear whether information from users of Apple devices or only those who use Android has leaked information.