The My AIA SG application 1.2.6 for Android allows attackers to obtain user credentials via logcat because of excessive logging.