ShellCodeX Breach Report
ai.type Data Breach
aitype.com
Verified breach
Accounts exposed
20,580,060
Breach date
05 Dec 2017
Added to tracker
08 Dec 2017
Data classes
15
What happened
In December 2017, the virtual keyboard application ai.type was found to have left a huge amount of data publicly facing in an unsecured MongoDB instance. Discovered by researchers at The Kromtech Security Center, the 577GB data set included extensive personal information including over 20 million unique email addresses, social media profiles and address book contacts. The email addresses alone were provided to HIBP to enable impacted users to assess their exposure.
Exposed data
Address book contacts
Apps installed on devices
Cellular network names
Dates of birth
Device information
Email addresses
Genders
Geographic locations
IMEI numbers
IMSI numbers
IP addresses
Names
Phone numbers
Profile photos
Social media profiles
Recommended actions
- Watch for targeted phishing emails referencing ai.type — attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP