inside the digital age, one of the most common sayings can be—if you’re not paying, then you’re not the customer, you’re the product.
While downloading apps on their smartphones, most users may not realize how much data they collect on you.
Believe me; of which’s way more than you can imagine.
Nowadays, many app developers are following irresponsible practices of which are worth understanding, along with also we don’t have a better example than of which newly-reported incident about a virtual keyboard app.
A team of security researchers at the Kromtech Security Center has discovered a massive trove of personal data belonging to more than 31 million users of the common virtual keyboard app, AI.type, accidentally leaked online for anyone to download without requiring any password.
Founded in 2010, Ai.type can be a customizable along with also personalizable on-screen keyboard for mobile phones along with also tablets, with more than 40 million users worldwide.
Apparently, a misconfigured MongoDB database, owned by the Tel Aviv-based startup AI.type, exposed their entire 577 GB of the database online of which includes a shocking amount of sensitive details on their users, which can be not even necessary for the app to work.
“…they appear to collect everything via contacts to keystrokes.“
The leaked database of over 31 million users includes:
- Full name, phone number, along with also email address
- Device name, screen resolution along with also product details
- Android type, IMSI number, along with also IMEI number
- Mobile network name, country of residence along with also even user enabled languages
- IP address (if available), along with GPS location (longitude/latitude).
- Links along with also the information associated with the social media profiles, including birth date, emails, photos.
“When researchers installed Ai.Type they were shocked to discover of which users must allow ‘Full Access’ to all of their data stored on the testing iPhone, including all keyboard data past along with also present,” the researchers say.
Moreover, the leaked database also reveals of which the virtual keyboard app can be also stealing users’ contact books, including the contacts’ names along with also phone numbers—along with also already scraped more than 373 million records.
“There was a range of different statistics like the most common users’ Google queries for different regions. Data like average messages per day, words per message, the age of users, words_per_day’: 0.0, ‘word_per_session along with also a detailed look at their customers,” the researchers say.
Researchers go on to raise a question of which “why might like a keyboard, along with also emoji application need to gather the entire data of the user’s phone or tablet?“
Even the recent data breaches have taught us of which once our personal data gets inside the hands of cybercriminals, of which makes us vulnerable forever.
Therefore, the best defense to protect yourself can be always—awareness.