Samsung have been releasing various patches, some of which were reportedly addressing security issues with their devices, but we don’t know how far they’ve managed to spread their fixes among the many different combinations of devices and carriers.
The best thing a user can do to avoid getting hacked at the moment is to only connect to Wi-Fi networks they trust, or switch to another phone temporarily until the issue is resolved. There is a lot of focus on this problem right now, and Samsung will likely be right on top of it very soon, if they aren’t already working hard to resolve it.
Until then though, users should keep in mind that if someone can manipulate the traffic of whatever network they’re connected to, they can also inject malicious code into the application’s update checks and execute it on an end-user device. From then on, it would be very difficult to fix the phone and remove malicious software from it, not to mention that an attacker can then easily go through SwiftKey once again and restore everything.