Swiftkey Keyboard Data Leak: Most Users Not Affected, Sync Still Disabled


SwiftKey is in hot water one week after it launched its new emoji-predicting keyboard, as a number of users complained about the main SwiftKey app's suggestions.

It looks like the app mixed up the user data and offered suggestions pertaining to names, phone numbers, and email accounts of complete strangers.

SwiftKey, which was purchased by Microsoft for $250 million earlier this year, taps into artificial intelligence to make predictive suggestions based on a users' typing history. To perform this task, SwiftKey uses machine learning to get a grasp on patterns of communication between users, and stores unique words or phrases they use in a database. The app, which works on both Android and iOS, is regarded as one of the best software to wield both AI and machine learning.

To get those addresses and names right, SwiftKey filters through quite a fold of personal information, such as previous emails, texts and recurring names and phrases — to amplify its database. What is more, the app features a synchronization tool that makes sure that, no matter what device a user is typing on, the predictive data stays the same.

Due to a glitch in SwiftKey's sync, a few users inadvertently discovered that they have access to information belonging to others. The strangers were kind enough to let each other know of the slip, and the problem quickly reached Microsoft's ears.

The Telegraph reports how one SwiftKey user discovered that their details were compromised. The user says that they received an email from a stranger who claimed that their brand new phone started to suggest the user's email address when logging into an account online.

According to the user, he was informed that not one but two of his addresses (one work related and one private) were saved in the newly purchased device.

The anonymous source points out that the stranger took the time to go through the alphabet using SwiftKey, and was presented with a large number of contacts that he should not have had access to. Among the leaked information was the address of a private server from the user's workplace.

Similar reports started appearing on Reddit, where a British Redditor told his peers that he started receiving predictions in German, a language that he most definitely does not speak.

SwiftKey blames the issue on a bug from the sync feature, and the company chose to switch off the possibility to sync devices across environments until it takes care of the problem.

"A limited number of our customers noticed unexpected words when typing on their mobile phone," says a SwiftKey spokesperson.

However, the company vouches for the security of the app, and claims that the number of those who reported the bug is too small for the glitch to be regarded as a major issue.

"We take users' privacy and security very seriously," SwiftKey writes in a blog post. The company added that its team is focused on offering "world-class standards" for its community.

Are you using SwiftKey on your mobile device? Let us know about your experience with the app in the comments section below.

ⓒ 2018 All rights reserved. Do not reproduce without permission.
Real Time Analytics