help menu

Join us on the Community Forums!

  • Community Guidelines

    The Fitbit Community is a gathering place for real people who wish to exchange ideas, solutions, tips, techniques, and insight about the Fitbit products and services they love. By joining our Community, you agree to uphold these guidelines, so please take a moment to look them over.

  • Learn the Basics

    Check out our Frequently Asked Questions page for information on Community features, and tips to make the most of your time here.

  • Join the Community!

    Join an existing conversation, or start a new thread to ask your question. Creating your account is completely free, and takes about a minute.

Not finding your answer on the Community Forums?

Cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Will Fitbit be leaving cloudflare following the 8 month long data breach?

Replies are disabled for this topic. Start a new one or visit our Help Center.

‎03-16-2017 01:14

‎03-16-2017 01:14

I would like to use fitbit again, but will not do so until fitbit transfers away from cloudflare. If you aren't aware, cloudflare "leaked" 1.2 million accounts worth of data. What that means is that your account data may have been inadvertently given to another person somewhere in the world. It is completely unacceptable for cloudflare to have had this bug in the first place, but it is absolute laziness that it went on unnoticed for as long as it did, proving cloudflares security to be faulty at best. The even more unacceptable thing would be for fitbit to continue to utilize a company whose lax policies allowed a data breach that went unnoticed for 8 months. Does anyone know if there are any plans in the near future to move away from the cloudflare platform? 

Best Answer
0 Votes
9 REPLIES 9

‎03-16-2017 02:17

‎03-16-2017 02:17

Fitbit's response to cloudflare is documented here: https://eng.fitbit.com/fitbit-response-to-cloudbleed/

Best Answer

‎03-16-2017 18:12

In response to SteveH

‎03-16-2017 18:12

Hi Steve and thanks for chiming in here. However, the original question remains:

 

Does anyone know if there are any plans in the near future to move away from the cloudflare platform? 

 

Steve does not know. Anyone else?

Best Answer
0 Votes

‎03-16-2017 18:33

In response to SunriseRun1251

‎03-16-2017 18:33

@SunriseRun1251, I doubt if anyone here knows if there are plans to move from Cloudflare, nor would they know if there are plans to stay with it indefinitely.  Technology is always changing. If you choose to not use Fitbit because of it, that is your decision to make, and not ours. As they said in the article @SteveH referred you to, you need to contact support for additional information:

 

"We encourage any users that are concerned about this issue to reach out to our support teams. We’re working to ensure that we have the correct customer support resources on hand to quickly help anyone that feels they need help."

Best Answer

‎03-16-2017 18:58

In response to USAF-Larry

‎03-16-2017 18:58

Hi Larry and thanks for letting me know your opinion. I work in the same industry as cloudflare as an engineer and the one thing I can tell you is that technology might be changing, but that has nothing to do with this egregious security issue. This is completely unacceptable. Cloudflare implemented a bug into their own code that leaked 1.2 million accounts worth of data to other, random people throughout the world...for 8 months! 8 months, Larry. If fitbit stays with them, you and everyone else who values their personal data would be a fool for letting them maintain even your ip address. The question remains, will fitbit move away from the cloudflare platform. If you know the answer, great. If not, hey, why not chime in here like Larry and Steve and let us know. Thanks for taking the time!

Best Answer
0 Votes

‎03-16-2017 21:05

‎03-16-2017 21:05

I'm wondering now.  I have just received a sales email selling upmarket sunglasses. This type of invasion never happened before in my years with Fitbit. Fortunately it was through a dormant account.

Colin:Victoria, Australia
Ionic (OS 4.2.1, 27.72.1.15), Android App 3.45.1, Premium, Phone Sony Xperia XA2, Android 9.0
Best Answer

‎03-16-2017 23:44

In response to Colinm39

‎03-16-2017 23:44

@SunriseRun1251 as customer support doesn't monitor this user community all we are going to get in this thread is speculation until someone contacts them and asks.

Best Answer

‎03-17-2017 00:36

In response to SteveH

‎03-17-2017 00:36

@SteveHI have sent a PM to Fitbit @EmersonFitbit because the PM I received as an email advertising sunglasses DID NOT come from the  dormant Community Account. It came direct from Fitbit Community [community@mail.fitbit.com]

 

The website had wwww.etc... change that to www...... and you get Ray-Ban official site..

 

Let's see what eventuates.....

Colin:Victoria, Australia
Ionic (OS 4.2.1, 27.72.1.15), Android App 3.45.1, Premium, Phone Sony Xperia XA2, Android 9.0
Best Answer

‎03-17-2017 00:51

In response to Colinm39

‎03-17-2017 00:51

Hi Colin, I'm aware that there is an ongoing issue with SPAM PMs relating a RayBan at the moment and that Matthew has been addressing this.

Best Answer

‎03-17-2017 01:00

In response to SteveH

‎03-17-2017 01:00

@SteveHThanks for the reply but before I posted this I couldn't find anything on the Forums..

 

 

Colin:Victoria, Australia
Ionic (OS 4.2.1, 27.72.1.15), Android App 3.45.1, Premium, Phone Sony Xperia XA2, Android 9.0
Best Answer