LarryN
Member
Registered: Jun 2000
Location: Pembroke,MA
Posts: 307 |
** Please Read If You Ordered Anything From Innogear **
I found out the hard way, that the cookie that you get from store.innogear.com does not need to be present for users to access your account information!
I have a MiniJam on backorder @ Innogear. I posted reply to a message on a non-visor related messageboard that somebody asked how the visor plays music. So, being the helpful guy that I am, opened another browser window, opened the Innogear website, nad went to the Minijam page. I then copied the url, and posted it the my message.
I then received an anonymous email from some very honest person (thank goodness) that informed me that my link allows access to "My Account" information, inclusive of name, address, phone numbers, CREDIT CARD NUMBER (complete with card type and expiration date!!!).
I already cancelled my credit card, and asked the mesageboard owners to remove my post (which they have yet to do!). I also called innogear to tell them of the website design issue, they said that my circumstance is unfortunate, but they will not do anything about it!
So, since that creidt card listed there is no longer active, I can't even let Innogear know what my new card ifo is, of the original link that I (stupidly) posted would then display the new card info!!!
I'm letting you all know this because it could happen to you to. I asked Innogear to not display my full credit card info (It should only be showed at time of placing order to confirm the number IMHO), and they would not change the field attributes on the credit card fields of the webpage...
gggrrrrrr...
|