A privacy flaw in Skype's mobile application for Android could give cybercriminals access to user information from smartphones, private details such as the user's name, email address, contacts, and even chat logs, the VoIP service confirmed in a recent blog post. It's not something you should be overly concerned with, as unfettered access to cached profile information and instant messages does require the installation of a malicious third-party application, but definitely something you should be aware of, especially if you tend to install apps from outside the Android Market.
Skype is currently investigating the matter, though doesn't have a time frame on when users can expect a fix.
"We take your privacy very seriously and are working quickly to protect you from this vulnerability, including securing the file permissions on the Skype for Android application," Skype said.
According to AndroidPolice.com, Skype mistakenly left certain files with improper permissions, allowing malicious apps to read them. Not only are they accessible, they're also unencrypted.