Illustrious - I spent a couple of hours researching your ticket yesterday and this morning to help Terry answer your questions. We take allegations of security risks extremely seriously. While I understand your frustrations, I'm positive that Evernote did not disclose anything from or add anything to your account without your consent (or the consent of someone logged into your account using the web browser on your computer). In both of the cases you mention in June, someone on your computer chose to authorize those third party web services to create notes within your Evernote account. Shortly after each of these authorizations, those services took non-Evernote data and used it to create notes and notebooks in your account. None of your notes were accessed by those services, and none of the data they put into your account came from other Evernote accounts. I say that this came from your own computer because I went through our logs to confirm that the same IP address had been used in surrounding days to access your account from your client, web clipper, and web browser. And the web browsers used in surrounding days was identical (in "User-Agent") to the one that authorized Springpad import to Evernote. Since you deleted the notes that Springpad imported from your account, and since their service is no longer available, I can't rule out the possibility that they pushed notes from the wrong Springpad account into Evernote after your browser granted them access. But it's also possible that the content came from the right authenticated Springpad account. (We heard no other reports of incorrect behavior from any of the people who did the same import.) However, I absolutely agree with your general recommendation that Evernote users should choose carefully which third-party applications they permit to access to their Evernote accounts, just like you should choose carefully what applications should have permission to read your email or access your banking web site. We try to help with this decision by enumerating exactly which capabilities you're granting each application. I.e. some applications have permissions to read your notes, others do not. We encourage developers to request only the permissions they absolutely need, and we've added some safety features (e.g. "Note History") to protect against accidental note damage from third party applications. And we will, of course, terminate the access of any applications that are actually mishandling the data of the Evernote users who have granted them access.