A popular Android virtual keyboard app seems to have broken all the rules on security good practice. Not only was their system not protected with a password, the data was not encrypted. This leaves the users highly exposed, and not knowing what to do, given that it is also possible that key strokes were being monitored by the app. The best advice that can be given to anyone who uses this app is to firstly check that you are not reusing passwords across different accounts, and for those that are highly sensitive (online banking for example), consider changing them to something different, as well as something that cannot be easily guessed. This is yet another wakeup call to the dangers of data breaches and what cyber criminals are doing with stolen identities.