According to the firm, it recently became aware that cached personal information and instant messages from the Android Skype software can be accessible to third-party applications using specialist data retrieval techniques.
As a result of its discovery, Skype is advising users who are concerned about their Android security, to change their passwords.
The communications company says it is also working to protect users from the potential data theft in the future – presumably by changing the program code of the Skype Android client, Infosecurity notes.
In a blog posting made late on Friday by Adrian Asher, the head of Skype security, he said that it "has been brought to our attention that, were you to install a malicious third-party application onto your Android device, then it could access the locally stored Skype for Android files."
"These files include cached profile information and instant messages. We take your privacy very seriously and are working quickly to protect you from this vulnerability, including securing the file permissions on the Skype for Android application", he said.
"To protect your personal information, we advise users to take care in selecting which applications to download and install onto their device", he added.
While several news wires have flagged the Skype announcement as a major one, the Mashable news wire takes a more practical view offering words of advice, noting that the program changes required include "securing the file permissions in Skype for Android so that data isn't accessible from apps that gain root access."
"The fallout from this revelation will likely be minor, but it’s a good reminder that mobile applications aren't as secure as we might think", says the news wire.
"Companies big and small should adopt best practices in sandboxing and encrypting user data so that information is protected from unauthorized access", the news wire adds.