If you use the Skype for Android app your personal information may be vulnerable due to the way the app stores your data unencrypted and without proper file permissions.
Android Police reports that this exploit was discovered while checking out a leaked version of Skype Video on the Thunderbolt.
I quickly came up with an exploit, and I was in shock at just how much information I could harvest. Everything was available to the rogue app I created, without the need for root or any special permissions."
Surely, only this leaked beta build was vulnerable, or so I thought. But upon examining the standard version of Skype for Android (which has been available since October 2010) I discovered the same vulnerability – meaning this affects all of the at least 10 million users of the app.
The folders and sqllite3 databases containing all of your personal data is accessible by anyone with access to your Android or any app installed onto the Android.
Check out the Android Police's video screencast of the exploit:
Skype responds and there is a fix (see comments in article)