Skip to main content
  1. Home
  2. Phones
  3. Mobile
  4. News

A popular virtual keyboard leaked the personal data of 31 million users

Add as a preferred source on Google

It seems there’s been another sizable data leak, this one affecting 31 million users of the popular customizable virtual keyboard app Ai.type.

The personal information — all 577GB of it — was exposed online because the Israel-based maker of the app had failed to secure its database server, according to Kromtech Security Center, which exposed the leak.

Recommended Videos

Reports suggest that the data in question, which has been verified by ZDNet, includes full names and email addresses of Ai.type users, as well as dates showing when the cross-platform app was installed. Each record also reveals the user’s registered location, such as their city and country.

For reasons currently unclear, some of the leaked information is reported to also include details linked to Google profiles, such as birth dates, genders, and profile pictures. Around 10 million email addresses were also found, as were some 373 million phone numbers seemingly taken from the contacts of registered users’ phones, though as ZDNet pointed out, “It’s not clear for what reason the app uploaded” such data.

The app’s website insists that information input by those using Ai.type is “encrypted and private,” but it appears the database was not encrypted, with researchers claiming that at least some of the text entered on the keyboard was being recorded and stored by the startup.

The app’s creator, Eitan Fitusi, told Digital Trends that far from spying on users, any collected input data is simply “statistical information” used to help power the app’s A.I. prediction engine. Fitusi added that the input data is “non-personal” so it can’t be connected to a particular user or device.

It seems that users who downloaded the freemium version of Ai.type had more data exposed than those with the paid version as the free one collects more information from devices. Also, the misconfigured database seems to have contained information linked only to Android users of the app, meaning that data belonging to the app’s iOS users is unaffected. All data has now been secured by the startup, ZDNet reported.

Ai.type users will at least be relieved to learn that no passwords or payment details were kept on the server.

Elementary error

In what appears to have been an alarmingly elementary error, the server reportedly had no password protection, opening up the data to internet users who could then browse, download, or even delete the information held on it.

Ai.type uses artificial intelligence to help users type faster and more accurately. DT listed it earlier this year as a decent virtual keyboard app for emoji fans as it lets you put the colorful characters front and center in a couple of taps.

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
How to install iOS 27 public beta on your iPhone?
iOS 27’s public beta is here, and its loaded with new features and experiences you might want to try.
iOS 27 beta update open on iPhone

After iOS 27’s third developer beta shipped on July 6, Apple released the first public betas for iOS 27 on July 13, 2026. While the main additions remain the same across the builds, the latter is the more refined and polished version, free of rudimentary bugs and glitches.

If you have a compatible iPhone, you can install the first public beta of iOS 27 today and experience the new Siri AI and other features yourself, provided that you know exactly what to do.

Read more
This Android malware can spy on your screen, read your texts, and control your phone remotely
Upgraded RedHook Android malware now abuses Android's built-in Wireless ADB to hijack your phone without root access.
android-redhook-malware

A nastier version of the RedHook Android malware is making the rounds, and it does not need a USB cable or a rooted phone to take over your device. Researchers at Group-IB discovered the upgraded variant, which is a significant step up from the version spotted in 2025. The scariest part? It uses one of Android's own built-in tools to do it.

How RedHook malware tricks your Android phone into handing over control

Read more
iOS 27’s public beta is finally here, and you don’t need a developer account to get in
Siri's biggest comeback is finally leaving the lab.
iOS 27 new star rating feature in Photos

Greg Joswiak just made it official. A few minutes ago, Apple's marketing chief confirmed the availability of public betas for iOS 27, macOS 27, iPadOS 27, and other Apple devices.

If you've spent the last month watching developers gush over Siri AI, patiently waiting for the public beta, that wait is over.

Read more