It looks like Apple is using its rejection power for good this time -- removing games built on the Unity engine which included private-API calls that could be used to steal private user information like your iPhone's phone number.
Not all of the rejected/removed games were engaged in privacy violations (or even had the network capability to exploit it), but Apple isn't taking any chances following the Storm8 lawsuit. Touch Arcade has the details:
The Unity engine currently uses the two private API calls that Storm8 allegedly exploited to steal user data, _NSGetEnviron and exc_server. Mantas Puida of Unity Technologies explains these two API's utilized by the Unity engine serve the following functions:
_NSGetEnviron is used by Mono runtime to provide implementation of .NET core API method: Environment.GetEnvironmentVariable().
exc_server is also used by Mono runtime to provide graceful NULL reference exception handling.
The Unity engine, however, has been updated to remove the offending API calls, and the games are being recompiled and resubmitted to the App Store. Hopefully this will keep users' data safe from unscrupulous developers, while the scrupulous ones continue to turn out great games.