I have - IHG changed my address and I have seen on the IHG thread where someone got sent someone else's booking confirmation. Once someone got his account hacked and redeemed all his points to get amazon GC.

At Marriott once I got a wrong folio under my door and that guy's address, MR info are all there.

Another FT thread at Marriott - a FTer got his account hacked, someone used his points to book and he called the hotel when that guy was actually staying at the hotel, the hotel asked that guy to pay with his own CC - no sincere apology from Marriott AFAIK.