SwiftKey Stops Cloud Sync Following User Data Leak

Keyboard maker SwiftKey has been forced to turn off its cloud sync service after the app started leaking user email addresses.

Last weekend some SwiftKey users took to Reddit to complain that they were seeing their SwiftKey app’s autocorrect suggest email addresses and words in a different language to their own.

“I’m getting someone else’s German predictions with only English(uk) pack installed. I have never typed German in my entire life,” said Reddit user JawaharlaNehru, in a post titled ‘Holy F**k! SwiftKey is giving me someone else’s suggestions. Including email IDs and all.’

“I also was suggested an email id in an email field,” the user said.

Turned off

Last Monday, SwiftKey responded to the data leak in a blog post, but claimed the bug did not pose any security issues.

“This week, a few of our customers noticed unexpected predictions where unfamiliar terms, and in some rare cases emails, appeared when using their mobile phone. We are working quickly to resolve this inconvenience,” said SwiftKey.

“While this did not pose a security issue for our customers, we have turned off the cloud sync service and have updated our applications to remove email address predictions.”

Microsoft acquired London-based SwiftKey back in February, paying $250 million (£189m) for the service, which is available on both iOS and Android.

The app has more than 300 million users worldwide, but this incident is not the first security issue to plague the app.

In 2015, Samsung rushed to fix a critical vulnerability found in the preinstalled SwiftKey keyboard app shipped with millions of its smartphones.

The vulnerability, discovered by Ryan Welton, mobile security specialist at NowSecure, allowed attackers to remotely execute code as a privileged (system) user, and affected models including the Samsung Galaxy S6, S5, S4 and S4 mini.

At the time, SwiftKey told TechWeekEurope that the vulnerability was down to the way that Samsung integrated the app onto its smartphones.

“We supply Samsung with the core technology that powers the word predictions in their keyboard,” the company said. “It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability. We are doing everything we can to support our long-time partner Samsung in their efforts to resolve this important security issue.”

Take our video game tech quiz here!

Ben Sullivan

Ben covers web and technology giants such as Google, Amazon, and Microsoft and their impact on the cloud computing industry, whilst also writing about data centre players and their increasing importance in Europe. He also covers future technologies such as drones, aerospace, science, and the effect of technology on the environment.

Recent Posts

Russia Accused Of Cyberattack On Germany’s Ruling Party, Defence Firms

German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…

2 days ago

Alphabet Axes Hundreds Of Staff From ‘Core’ Organisation

Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…

2 days ago

Apple Announces Record Share Buyback, Amid iPhone Sales Decline

Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…

2 days ago

Tesla Backs Away From Gigacasting Manufacturing – Report

Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant

3 days ago

US Urges No AI Control Of Nuclear Weapons

No skynet please. After the US, UK and France pledge human only control of nuclear…

3 days ago