This is not to say that HTC or a spy is sifting through your personal data as we write this, but only to suggest that it theoretically can occur. The phones involved include the HTC Evo 3D (Sprint), the HTC Evo 4G (Sprint) and the HTC ThunderBolt (Verizon). Other models like the myTouch 4G Slide (T-Mobile) and the HTC Sensation 4G (T-Mobile) might also be involved. Even models that have yet to launch like the HTC Vigor (Verizon) could be collecting your data.
So far, HTC has been totally silent about this situation. It was only advised of the problem a week ago and there is speculation that the manufacturer is looking into the problem with its own investigation, but this has not been confirmed or denied. Because of the open source nature of Android, while Google requires consent before information can be read off a device, third parties can change the underlying code and hardware firms can also leave doors open that invite rather than thwart those who like to take personal data from devices. The data that is vulnerable include phone numbers, your recent movements tracked via GPS, SMS, emails, user accounts and more.
source: AndroidPolice via electronista