Keyboard app caught collecting data of user after 40M records leaked online !

Keyboard app caught collecting data of user after 40M records leaked online !

The database was discovered by security researchers at the Kromtech Security Center who detailed that in total 577 GB of data containing details of 40M users was left exposed as a result of a misconfigured MongoDB database.

The database accessed by researcher included sensitive details of users such as: Full name, phone number, device name, model number, screen resolution, SMS number, mobile network name, Android version, user languages enabled, IMSI number, IMEI number, country of residence, email address, links and the information associated with the social media profiles including photo and in some cases IP addresses.

The researchers demanded data left visible entered names, phone numbers, locations and Google queries.
The chief of the Israeli company back the app confirmed the breach but said most of the data was not sensitive.
Bob Diachenko, from the Kromtech Security Centre, part of contract company Mackeeper, said the number of data required by the app at the point of the download was unexpected.

~Why would a keyboard and emoji form need to gather the entire data of the user’s phone or tablet? he addressed in his report.
Based on the flowed database, they appear to collect everything from communications to keystrokes.

But Eitan Fitusi, chief executive and founder of Ai.type, told the News the expense of data exposed was not as comprehensive as claimed
 he said of the discovery “It was a subordinate database,”

Mr.fitusi said that
the geo-location data was not right
no IMEI dat had been associated , the user behavior collected by the business involved only which ads they clicked
The database has now been shut down and Mr. Fitusi said he was “certain” about the company’s security.
Mr. Diachenko acknowledged that while there were no credit card or fee details, there was a wide range of individual information including social media profiles.