SwiftKey Stops Cloud Sync Following User Data Leak

Keyboard maker SwiftKey has been forced to turn off its cloud sync service after the app started leaking user email addresses.

Last weekend some SwiftKey users took to Reddit to complain that they were seeing their SwiftKey app’s autocorrect suggest email addresses and words in a different language to their own.

“I’m getting someone else’s German predictions with only English(uk) pack installed. I have never typed German in my entire life,” said Reddit user JawaharlaNehru, in a post titled ‘Holy F**k! SwiftKey is giving me someone else’s suggestions. Including email IDs and all.’

“I also was suggested an email id in an email field,” the user said.

Turned off

Last Monday, SwiftKey responded to the data leak in a blog post, but claimed the bug did not pose any security issues.

“This week, a few of our customers noticed unexpected predictions where unfamiliar terms, and in some rare cases emails, appeared when using their mobile phone. We are working quickly to resolve this inconvenience,” said SwiftKey.

“While this did not pose a security issue for our customers, we have turned off the cloud sync service and have updated our applications to remove email address predictions.”

Microsoft acquired London-based SwiftKey back in February, paying $250 million (£189m) for the service, which is available on both iOS and Android.

The app has more than 300 million users worldwide, but this incident is not the first security issue to plague the app.

In 2015, Samsung rushed to fix a critical vulnerability found in the preinstalled SwiftKey keyboard app shipped with millions of its smartphones.

The vulnerability, discovered by Ryan Welton, mobile security specialist at NowSecure, allowed attackers to remotely execute code as a privileged (system) user, and affected models including the Samsung Galaxy S6, S5, S4 and S4 mini.

At the time, SwiftKey told TechWeekEurope that the vulnerability was down to the way that Samsung integrated the app onto its smartphones.

“We supply Samsung with the core technology that powers the word predictions in their keyboard,” the company said. “It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability. We are doing everything we can to support our long-time partner Samsung in their efforts to resolve this important security issue.”

Take our video game tech quiz here!

Ben Sullivan

Ben covers web and technology giants such as Google, Amazon, and Microsoft and their impact on the cloud computing industry, whilst also writing about data centre players and their increasing importance in Europe. He also covers future technologies such as drones, aerospace, science, and the effect of technology on the environment.

Recent Posts

Norway Hit By DDoS Cyber Attacks From Pro Russian Group

Norwegian national security agency warns pro-Russian group has targetted private and public institutions in Norway…

17 hours ago

Google Tells Staff They Can Relocate After Roe v Wade Ending

After US Supreme Court last week removed women's reproduction rights, Google tells staff they can…

17 hours ago

Taiwan Developing Own Digital Currency – Report

Central bank of Taiwan confirms it is still working on its digital currency, but has…

19 hours ago

Tesla Cuts 200 Autopilot Jobs, Closes San Mateo Office – Report

More restructuring at Tesla with hundreds of bob losses and California office closure, where staff…

21 hours ago

US FCC Commissioner Urges Apple, Google To Remove TikTok

Fresh worry for TikTok, after FCC Commissioner writes to Apple and Google about removing the…

21 hours ago

Airbnb Permanently Bans Parties, With Few Exceptions

Victory for irate neighbours? Airbnb confirms its temporary Covid ban on parties in its listings…

22 hours ago