ai.type 2017 Data Breach

ai.type Virtual Keyboard App Exposure (2017): 72 Million User Records Including Address Book Contacts, IMEI & Installed Apps Left in Open Database | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

Database ExposureAddress Book ContactsCellular NetworkDate of BirthDevice InformationEmail AddressFull NameGenderGeographic LocationIMEI
Low SeverityWebsite / service breach

ai.type Virtual Keyboard App Exposure (2017): 72 Million User Records Including Address Book Contacts, IMEI & Installed Apps Left in Open Database

AI virtual keyboard application for mobile devices (no longer available)

Verified by ObscureIQ Intelligence
34/100Breach Risk Index
10Data Value
25Market Recency
584dSince Breach

Breach Intelligence Summary

Entity: ai.type · Actor: Unknown · Sources: 9 references
Attack: Database Exposure
Profile: Platform · Mobile productivity and keyboard software services · Virtual keyboard application · Global
Timeline: Breach (2017-12-05) · Indexed (Dec 01, 2024) · Year (2017)
Exposure: 72.7M records · 15 fields: Address Book Contacts, Cellular Network, Date of Birth, Device Information, Email Address, Full Name, Gender, Geographic Location, IMEI, IP Address, Imsi, Installed Apps, Phone Number, Profile Photo, Social Media Profile
Status: Confirmed

Executive Summary

In December 2017, the virtual keyboard app ai.type exposed a misconfigured MongoDB database of 577GB, revealing detailed records on about 31 million users. The exposed data was extraordinarily broad: names, email addresses, phone numbers, dates of birth, genders, geographic locations, IP addresses, device information, IMEI and IMSI numbers, cellular network names, lists of installed apps, harvested address-book contacts, profile photos, and social-media profiles.

ObscureIQ assessment: The harvested address-book contacts mean people who never used ai.type are exposed, and the device identifiers permit persistent tracking that survives account changes.

Breach Impact

This is among the most invasive exposures in the corpus: device identifiers (IMEI/IMSI), installed-app inventories, precise location, and harvested contacts enable device tracking, deep profiling, and harm to third parties whose contact details were uploaded without consent.

About ai.type

ai.type is a customizable virtual keyboard app for Android and iOS that offers themes, prediction, and emoji input to a large mobile user base.

Why They Hold Your Data

Keyboard applications collect user accounts, device data, usage analytics, and potentially highly sensitive typed-input or personalization records tied to mobile productivity workflows.

Recent Developments

The exposure drew scrutiny over how much personal data keyboard apps collect, including harvesting users’ address-book contacts.

Data Points Exposed

15 verified field types
Address Book Contacts
Cellular Network
Date of Birth High
Device Information
Email Address
Full Name High
Gender
Geographic Location
IMEI
IP Address
Imsi
Installed Apps
Phone Number
Profile Photo
Social Media Profile

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:High
Primary downstream threats:
  • Identity verification bypass using name + date of birth combination
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
  • Doxxing risk from physical address exposure
  • Social media account targeting and impersonation
Threat vectors:
  • Contact harvesting & secondary targeting
  • Carrier-specific social engineering
  • Identity verification bypass
  • Device fingerprinting & targeted exploitation
  • Phishing, credential stuffing & account takeover
  • Name-based social engineering
  • Profile enrichment
  • Pattern-of-life analysis & physical surveillance
  • Device cloning & SIM swap facilitation
  • SS7 interception attack enablement
  • App-specific attack surface mapping
  • Geolocation & account flagging
  • SIM swapping, vishing & SMS phishing
  • Deepfake & identity document fraud
  • Account impersonation & social graph harvesting

Recommended Actions

If you believe your information may be included:

Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.

Frequently Asked Questions

What happened in the ai.type breach?

In December 2017, the virtual keyboard app ai.type exposed a misconfigured MongoDB database of 577GB, revealing detailed records on about 31 million users. The exposed data was extraordinarily broad: names, email addresses, phone numbers, dates of birth, genders, geographic locations, IP addresses,…

What data was exposed?

Verified fields include Address Book Contacts, Cellular Network, Date of Birth, Device Information, Email Address, Full Name, Gender, Geographic Location, IMEI, IP Address, Imsi, Installed Apps, Phone Number, Profile Photo, Social Media Profile.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
Breach Index
Have I Been Pwned
Record & field corroboration
Cross-source
9ghz
Independent catalogue listing
Cross-source
BreachForums_Official_Index
Independent catalogue listing
Cross-source
DataViper.io
Independent catalogue listing
Cross-source
Dehashed
Independent catalogue listing
Cross-source
HackNotice.com
Independent catalogue listing
Cross-source
Keeper
Independent catalogue listing
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation