Mart(i)nez et al. have proposed a secure RFID protocol recently which relies exclusively on the use of Elliptic Curve Cryptography (ECC) com-bined with a zero knowledge-based authentication scheme. In this paper, we show that this proposed protocol is not secure against the tracking attack. To make the attack successful, the adversary needs to execute three phases. Firstly, the attacker just eavesdrops on the messages exchanged be-tween Reader and Tag. Secondly, the attacker im-personates the Reader to replay the message which is obtained from the first phase. Finally, the adversary acts as a man in the middle to tamper the messages exchanged between Reader and Tag. Then we propose an enhancement and prove that the revision is secure against the tracking attack while keeping other security properties.