The evidence keeps mounting that companies that put out mobile apps are not paying nearly enough attention to security. Even big companies with large and experienced IT staffs are guilty. In fact, the latest evidence suggests that the iOS mobile app of the largest company in the U.S., by revenue, Wal-Mart, exposes users' passwords, account names and email addresses, as well as many geolocation details. The retailer is famously IT-savvy and is said to owe much of its success to what goes on in the back office. Wal-Mart has already addressed many of the issues raised by Daniel Wood (CISSP, GPEN), an independent penetration tester, and says it is fixing the geolocation problem. Wood conducted the testing at the request of Computerworld. He also spotted security failings in Walgreens' iOS mobile app.