A vulnerability within the Business Suite settings on an Android device could have resulted in a user's email and/or phone number being revealed via the "sec_user_id" parameter if their information is sent via "Get Leads". We thank @datph4m for reporting this to our team.