Don't forget about the possibility of Path's data being stolen. Your contacts probably contain enough info for a criminal to carry outa pretty good phishing expedition, for example.
My Facebook friends list is already public. Seems like a motivated criminal already has more than enough info to carry out a phishing expedition. I've never really seen targeted, personalized phishing though, most phishing seems to be broad and generic "enter your bank info here" style.
