Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Why do I keep seeing other people's profiles?

Former Member
Former Member over 11 years ago
Hi,

Over the last few weeks when I have opened the Garmin Connect site, instead of seeing my profile, I've been able to see other people's private profiles in place of my own. This is without logging on as them - the page just opens.

I've attached a screenshot from the page that opened just a few minutes ago. This is not the first time it's happened. I have on at least three separate occasions been automatically logged into other user's profiles as that user and have been able to browse their entire history and see their private settings. I have had to log out of their profile and back into my own to correct the problem.

I'm using Chrome on a Mac if that's any help, but it's probably a fundamentally broken cookie/session problem with the Connect site.

I emailed Garmin about this last week but got not response. This is a pretty serious data protection problem in my view. In the EU, failing to adequately protect personally identifiable information (eg addresses, DOB, etc) is going to land you in some serious data protection hot water and result in a nice hefty fine. I don't want other people seeing data that I don't wish to share, and I'm sure plenty of other people would feel the same.

Garmin - fix this yeah? If I happens again I'm raising it with people that will make you fix it.

Dan
  • 0 over 10 years ago
    It has certainly cropped up on the forum but seems to not be a priority for Garmin. I suggest that you report it to Garmin support - I struggle to understand how this cannot be a key item for Garmin to fix as I'm sure it is in breach of EU Data Protection legislation and is not showing a responsible duty of care for Garmin's customer data.
  • 0 over 10 years ago
    I sent them an e-mail, I'm very curious as to what the response is going to be, as this is a huge security issue..
  • 0 over 10 years ago
    I guess the next step should be to raise it formally via this type of communication if you are in the UK

    http://ico.org.uk/for_the_public/raising_concerns

    This raises it as an issue under data protection act which I think applies as there is identifiable personal information about you on your account - If you send them these then they will have an obligation to respond
  • 0 over 10 years ago
    I'm actually in the U.S., so I'll have to look into what other steps can be taken. Honestly, I have never used a site that requires a log-in and been able to access other people's pages and information, I seriously can't believe that this is an issue that I have to raise
  • 0 over 10 years ago
    Agreed I find it staggering that this is not a number 1 priority for Garmin particularly when the new Connect is designed to encourage access to social media - any security flaw potentially puts at risk personal data
  • 0 over 10 years ago
    Bump,
    People are still seeing other members private profiles. Any news from Garmin of when this will be addressed?
  • Former Member
    0 Former Member over 10 years ago
    Bump,
    People are still seeing other members private profiles. Any news from Garmin of when this will be addressed?


    Hi,

    I did finally get a response about this which was as follows:

    "Thank you for contacting Garmin Europe.

    I am happy to help you. In order to resolve this problem you need to clear the Cache on your web browser. This is a quick and simple process. To do this, follow these instructions for the appropriate web browser you’re using:" (instructions follow...)

    This totally doesn't fix the underlying problem that a presumably very easily occurring session ID clash (cookie based I assume) gives you access to other people's accounts. However clearing my Chrome cache didn't really solve the problem (well not for very long anyway) and I am still regularly seeing other people's profiles for both the old Connect and new design sites.

    Dan