Marketing team: "Our app is privacy-focused!"
Developer who actually looked at the code: *shocked cat face*
Turns out their "privacy-focused" approach is just storing everything locally with zero encryption—basically the digital equivalent of writing your passwords on a Post-it and calling it "secure" because you didn't post it on Twitter.
It's not a feature, it's a shortcut that accidentally became their entire security model!