An intrepid Android user has found a bug in the HTC Incrediblethat raises some potential privacy concerns.

As BGR reports, the HTC Sense UI takes screenshots of your web browser for its bookmark widget that are not actually deleted from your phone’s internal storage — even after a factory reset. These screenshots are then accessible by anyone who has the know-how to navigate the phone’s internal data structure on his/her desktop.

We don’t have an HTC Incredible or DROID Incredible on-hand to test ourselves, but BGR reports that it was able to confirm that these temporary screenshots were not deleted after clearing the browser cache, software resets or even a full factory reset on more than one stock, un-rooted DROID Incredible unit.

The problem worsens when you hear about what some of these screenshots contain — it’s more than just news pages or login screens. BGR notes that it was able to find screenshots of Facebook (from when the user was logged in) as well as screenshots that show a logged-in session at a banking website.

Again, the problem isn’t so much that the phone takes random screenshots of your browsing sessions — that’s part of how the HTC Sense bookmark widget works (though we will note that we are troubled that SSL or encrypted site contents are not automatically excluded from these random screenshot intervals) — the problem is that these images can only be removed by manually finding them in the file system and deleting them.

While getting to these screenshots right now is a convoluted process, it’s not hard to imagine a program or script that could make pulling up that data easy.

This is just another example of a potential privacy hole in today’s digital landscape. It’s bad enough when services like Facebook or Google Buzz accidentally reveal private information, still, you could make the argument that that is a potential risk of using such services. However, with bugs like this, users who don’t do anything but use their devices as intended could potentially leave their data at risk.

While we fully expect HTC to issue some sort of update to its affected products, this incident is just more food for thought in the ongoing digital privacy debate.

An apparent AT&T security breach has exposed the e-mail addresses of 114,000 iPad 3G subscribers, according to Gawker.

A group known as Goatse Security (yes, named after the Internetshock site) sent the media blog a list of 144,067 e-mail entries of iPad 3G customers. The list includes well-known government officials like White House Chief of Staff Rahm Emanuel and high-profile individuals such as Diane Sawyer of ABC News. They obtained it through a script on AT&T’s website that returned email addresses associated with ICC IDs, which are used to link SIM cards on mobile devices with specific subscribers.

Gawker emailed two individuals on the list and verified that their ICC IDs matched the ones in the documents Goatse Security sent to them.

Gawker says that Goatse Security contacted AT&T and the loophole was quickly closed, but the damage has already been done. Over 100,000 emails are in Gawker’s hands, and it’s unclear who else used the script before the security loophole was closed.

If the report is true, it’s yet another black eye for AT&T. While it’s unlikely the ICC IDs can be used to attack subscribers, the exposing of 114,000 iPad 3G customers is damage enough.