AI virtual keyboard application for mobile devices (no longer available)
In December 2017, the virtual keyboard app ai.type exposed a misconfigured MongoDB database of 577GB, revealing detailed records on about 31 million users. The exposed data was extraordinarily broad: names, email addresses, phone numbers, dates of birth, genders, geographic locations, IP addresses, device information, IMEI and IMSI numbers, cellular network names, lists of installed apps, harvested address-book contacts, profile photos, and social-media profiles.
ObscureIQ assessment: The harvested address-book contacts mean people who never used ai.type are exposed, and the device identifiers permit persistent tracking that survives account changes.
This is among the most invasive exposures in the corpus: device identifiers (IMEI/IMSI), installed-app inventories, precise location, and harvested contacts enable device tracking, deep profiling, and harm to third parties whose contact details were uploaded without consent.
ai.type is a customizable virtual keyboard app for Android and iOS that offers themes, prediction, and emoji input to a large mobile user base.
Keyboard applications collect user accounts, device data, usage analytics, and potentially highly sensitive typed-input or personalization records tied to mobile productivity workflows.
The exposure drew scrutiny over how much personal data keyboard apps collect, including harvesting users’ address-book contacts.
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
If you believe your information may be included:
In December 2017, the virtual keyboard app ai.type exposed a misconfigured MongoDB database of 577GB, revealing detailed records on about 31 million users. The exposed data was extraordinarily broad: names, email addresses, phone numbers, dates of birth, genders, geographic locations, IP addresses,…
Verified fields include Address Book Contacts, Cellular Network, Date of Birth, Device Information, Email Address, Full Name, Gender, Geographic Location, IMEI, IP Address, Imsi, Installed Apps, Phone Number, Profile Photo, Social Media Profile.
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Every claim on this page is traceable. This breach draws on:
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation