Quick FYI if you use Microsoft Edge Browser Wallet

PostHoc25

So this is a real, real weird one. 

A couple of days ago I entered an online competition using my for spam gmail account. A few hours later I received a confirmation of my entry addressed to my full name. EXCEPT, this was a name I changed 15 years ago. It had no connection to my gmail account, wasn't in autofill anywhere because I simply don't use it. I contacted the company, assuming they had sourced it via some weird old database, but even that as a reason didn't feel right.

Their reply was that I had typed in that name. Weirder because all the entry form required was an email address. I did some investigating on the competition page as it is one that allows repeat entries over time. I clicked around and found a link to my 'account profile' auto-created from logging in via the spam mail address. The only info there was my current spam email address with my old name.

So where had it auto-filled from? I clicked around some more and got taken to the settings page for Microsoft Edge Wallet which I do use for online shopping:

From an Edge browser window, click the three dots top left, then: Settings>passwords and autofill>Payment methods>Personal Info

I cannot describe the variety of names, partial names, friends names, contacts details that were somehow connected to personal info in Wallet. No clue what manner of cookies had gathered up the data to dump there but one clear location was from some recent family history research I had done on Find My Past.

All the relatives names - living and deceased - I had searched had been copied over to my wallet?! And because I'd used my old name pre-change in the searches, it had also connected that somehow. Why it randomly selected that pairing of my old name and new spam email for the competition, who knows because there were more than 30 options.

I have now deleted all the erroneous names linked there and am reaching out to Find My Past to see if they have any thoughts although I'm not really expecting anything of help from them - am assuming they will blame cookies and Microsoft, but thought I would mention it incase anyone else wants to check and clean up their personal info on Wallet. It's weird too that I never submitted payment info to Find My Past and used a different email address for that site, but I did do all the FMP searches in Edge browser.

If anyone has any thoughts, do share. Besides that, hope the above is of help and makes sense :-)

Eyeful

Good practice is to use at least three different browsers. 
1. Use first browser for surfing the internet.
2. Use second browser for on line shopping only.
3. Use third browser for on-line banking only. 

Jami74

Eyeful said:

Good practice is to use at least three different browsers. 
1. Use first browser for surfing the internet.
2. Use second browser for on line shopping only.
3. Use third browser for on-line banking only. 

I wonder how many people do that.

Chief_of_Staffy

I use Chrome and just click Incognito when I need to ensure a 'clean' browser. I believe Edge has the same, called InPrivate. That's what it's for.

PostHoc25

Jami74 said:

Eyeful said:

Good practice is to use at least three different browsers. 
1. Use first browser for surfing the internet.
2. Use second browser for on line shopping only.
3. Use third browser for on-line banking only. 

I wonder how many people do that.

Yes, I suspect even with the best intentions, I would totally forget which to use for which :-) Plus, this is luckily, the first alarming data/privacy issue I have ever experienced online in 30+ years of internetting.

I'm thankful it was so clearly connected to one specific site (although names from other random sources were also there). I have contacted FindMyPast, who were equally alarmed but like me, suspected it is more of a Microsoft collecting data issue than them offering info situation.  I also put in a privacy/security request to Microsoft asking why there would be any need to auto-populate info in a Wallet function.

I don't hold out much hope for any definitive answers, but let's see!

PostHoc25

Chief_of_Staffy said:

I use Chrome and just click Incognito when I need to ensure a 'clean' browser. I believe Edge has the same, called InPrivate. That's what it's for.

Yes, I do use InPrivate at times. My issue is not so much data being collected - I get that it is part of the world we live in and on the whole, I'm fairly ambivalent about it tbh :-) My specific query is related to why Wallet would need to be auto-populated, and moreso, where they consider useful places to get the data from to auto-populate it with. Feels like an unnessary feature and on this occasion obviously caused an issue! :-)

booneruk

A lot of browsers will try to be helpful by memorising how you fill in address forms. Things like Bitwarden can do it too - it's about convenience when filling out forms in the future. 

It sounds like if these wallet names were sent to this competition site then an autofill of text fields (forename, surname etc) would have happened, but you say there were no such fields. That is quite a mystery actually.

These wallet entries won't be stored in cookies by the way, cookies are packets of information that a site will set. The browser will have other mechanisms to store data locally for the wallet.

Keep us updated!

PostHoc25

booneruk said:

Keep us updated!

Will do. Yes, I do rely on auto-fill out of laziness a lot, but why it added searches from a genealogy website to wallet specifically is baffling! Thanks for the info re: cookies!

PostHoc25

Some small progress after a 40 min online support chat with Microsoft. Need to go back to FindMyPast next week then will post conclusion!