privacy/security on entry sites

[cat-i]

i tried to enter an event from the mtn-cycling website. you can register, and you get a password and everything. then when you view event details, all i got asked, was my id number - it took me to the next page where i could see and change details like address, telephone number and medical aid details. got curious, so from another computer (no cookies) tried to enter without logging in. yup, id number only. searched a little for someone else's id number and yup, i could not only view, but had the option to change, among other things, medical aid details.

 

am i the only one who figured that this is not only a breach of security, but also very dangerous if someone changes my details? medical aid details would be useless when needed.

 

i contacted the website-builders and they agreed to either delete my whole profile (the moment i enter an event, i'll be back on their db) or change my id number (in which case none of my results will be linked back to me).

 

for the time being i'm happy with that - but am i the only one who think it's an issue? if not, then surely they would have done something about it?

 

in the mean time, i'm not entering any events from that website until it's sorted

[Ysterman]

Isn't it the same for the Nissan series? And Supercycling? Perhaps others too?

 

I realized this a while ago - and yes, I think something should be done. The response that you got is not acceptable ... simple & short. They have a responsibility.

 

I know it makes it "easy" now for us (MTB buddies) to enter for each other, but it should be like a good security company at a security complex - if it is irritating it means it is actually working.

 

Up to know I was just to lazy to do something about it ... an perhaps a bit naive ...

 

Maybe we should get the powers in cycling to give us an answer

[cat-i]

i did very few MTB events this year cos of the security issue. tried to enter dome2dome tonight cos i haven't been on the roadie bike since argus .... and what-do-you-know - it's a secure link, security certificate and everything, https://secure.supersport.co.za/cyclelab/eventEntries/blablabla

 

but you need ONLY the id number to get in - to view and to CHANGE details. so it's august and hospitals are on strike. something happens during the ride and i need to get to hospital. no worries, they've got my medical aid details online - but wait, someone changed it - and i end up being send to somewhere ehere babies died this week???

 

there won't be anybody in any office now to complain about this - and entries closes tonight - so i guess i'm NOT doing dome2dome then

[Wyatt Earp]

i did very few MTB events this year cos of the security issue. tried to enter dome2dome tonight cos i haven't been on the roadie bike since argus .... and what-do-you-know - it's a secure link, security certificate and everything, https://secure.supersport.co.za/cyclelab/eventEntries/blablabla

 

but you need ONLY the id number to get in - to view and to CHANGE details. so it's august and hospitals are on strike. something happens during the ride and i need to get to hospital. no worries, they've got my medical aid details online - but wait, someone changed it - and i end up being send to somewhere ehere babies died this week???

 

there won't be anybody in any office now to complain about this - and entries closes tonight - so i guess i'm NOT doing dome2dome then

You are a tough cookie, it will take an atomic bomb to wipe you out