Security researchers explain to have found the personal information of 31 million Android users of the keyboard app Ai.type after anticipating an open database online.
The app offers themed keyboards for phones and tablets.
The researchers claimed information left manifest enclosed names, phone numbers, locations and Google queries.
The boss of the Israeli company behind the app certified the crack but pronounced many of the information was not sensitive.
Bob Diachenko, from the Kromtech Security Centre, partial of confidence company Mackeeper, pronounced the volume of information compulsory by the app at indicate of download was “shocking”.
“Why would a keyboard and emoji focus need to accumulate the whole information of the user’s phone or tablet?” he wrote in his report.
“Based on the leaked database, they seem to collect all from contacts to keystrokes.”
But Eitan Fitusi, arch executive and founder of Ai.type, told the BBC the volume of information unprotected was not as endless as claimed.
“It was a delegate database,” he pronounced of the discovery.
Mr Fitusi said:
- the geo-location information was not accurate
- no IMEI information (a indication series for a specific phone) had been gathered
- the user poise collected by the company concerned only which ads they clicked
The database has now been close down and Mr Fitusi pronounced he was “confident” about the company’s security.
Mr Diachenko responded that while there were no credit label or remuneration details, there was a far-reaching operation of personal information including social media profiles.
Ai.type’s own total state that the app has been downloaded about 40 million times on the Google Play store given its launch in 2010.