[VLM]

Its interesting that my concerns were very specifically in defense of walmart owned property, but you describe them very specifically as security of their employees. And then wander off in customer land.

Perhaps giving away large amounts of PII in this app or getting into the habit of giving away PII for the asking puts the employees at risk, but my theoretical examples only put walmart owned property at risk. Well, any employee involved would probably get fired as the fall guy or there's some obscure binder miles away with a written policy forbidding my scenarios, but ...

"sudden concern" Is it a sudden concern? I work at a very large corporation and every six months or so we get a refresher course in not being social engineered etc. Its a sudden concern of us, of some news organizations. Opposition to social engineering attacks is probably not a recent sudden concern of walmart infosec department, they've been around the block a bit and a company doesn't get that big entirely staffed by noobs.