Having effortlessly soared to 65 million users, the augmented reality game Pokémon Go may already be bigger than Twitter in the U.S.—if it’s not yet, wait a few minutes—which is all the more mind-blowing considering Twitter has been plugging away for a decade and Pokémon Go’s been out less than a week.

This has led to a spike in Nintendo’s stock price and technical difficulties.

Some of the difficulties are just aggravating (server crashes), but the privacy issues have prompted a tremendous amount of anxiety, particularly among parents, who are discovering the game that made their kids so quiet and cheerful may be causing some serious problems.

Here’s a brief guide to Pokémon privacy.

What happened? CNET summed it up nicely: “If you signed into Pokémon Go with your Google account, you have just handed your digital life over to the game’s developers.” Niantic Labs (Pokémon’s developer) issued a statement noting that the Pokémon “account creation process on iOS requests full access permission for the user’s Google account.” This means Niantic gained access to all your information (email, contacts, photos, etc.) and also had the ability to delete and send things from your account.

Niantic has since acknowledged it made these requests “erroneously” and has stopped seeking such widespread access, as well as noting, “Google will soon reduce Pokémon’s GO’s permission to only the basic profile data that Pokémon GO needs.”

Full access permission… that’s bad, right? A simple rule for the Internet is: “The more people have access to something, the more likely it is you get bit in the ass.” Now a company has access to your info… and if they’ve been hacked, their hackers likely have it too. (Keep in mind a 2015 survey found more than 80 percent of U.S. companies had been hacked successfully.) And yes, there are reports malware creators are targeting Pokémon to seek full control of victims’ phones. While their early efforts have apparently failed, give ’em time.

What can I do to prevent this? For one, check your Google account settings and, if need be, revoke access. (This article explains how to do so. With Niantic moving to fix the Pokémon problem, it’s not necessary to do this now, but it’s worth understanding how it works. Or you could just create a separate Gmail account for Pokémon Go.) Also, there’s another step you can take in the future that will reduce your risks but make your children very angry.

You don’t mean… Yes. Don’t be an early adopter. Wait and see what problems emerge with new apps. If something’s wrong with it, the Internet will let you know soon enough.

But my kids want it now. Never said it would be easy.

Anything else to worry about? Just that your kids may hurt themselves chasing creatures in the physical world while fixated on the game… and older players may hurt them far more severely, as there are concerns about people playing while driving. (So make sure anyone carting you or your kids around does not have an unstoppable Pokémon Go addiction.) Do you know about the robberies?

Robberies? From the O’Fallon, Missouri, Police Department: “Using the geolocation feature of the ‘Pokémon Go’ app, the robbers were able to anticipate the location and level of seclusion of unwitting victims… The way we believe it was used is you can add a beacon to a Poké  Stop to lure more players. Apparently they were using the app to locate people standing around in the middle of a parking lot or whatever other location they were in.”

At which point they’d rob them at gunpoint.

I really thought this game would make my life easier. You’re a schmuck, Dad.