Originally Posted by mitchmu

My take on this is that it's a bug in the web site code. Shocking? And, it's a bug that anyone could legitimately stumble upon without even realizing it.

I find it abhorrent that CO is not only blaming, but actively attacking customers who might have been victims of their own IT bugs.

When will this end?

Am I at risk now for having my MileageMinus account closed and miles confiscated if I have the bad luck to run across a certain kind of SHARES/IT bug that they deem to be a hacking attempt even if there was no intent to hack?

Now, every transaction I make, I know they can steal the miles I've spent a decade earning, if they unilaterally declare me to be a hacker just because their own code is broken???

This is, in fact, INSANE.

I get that the vulnerability was publicized and then others started exploiting the loophole left open by their incompetent IT organization.

Are those people hackers? Or, are they just taking advantage of an opportunity that incompetent IT left open?

How many times has CO screwed its customers because of IT bugs? When we're the victim, where's the sympathy? Are we allowed to steal miles or resources from them to compensate for their "hack" against us?

I think the answer is "no." Why such a double standard?

If a user encounters an IT bug that works in their favor, they're a hacker, and have their resources confiscated.

If a user encounters an IT bug that works in CO's favor, then, nothing but silence.

Utter nonsense. And, anything but friendly.