Originally Posted by Richard Chen

It's great that UA 's laywers disavow themselves of all responsibility. Only a massively publicly embarassing hack that got publicized would hold them accountable. Even China's hacking United for 2 years wasn't enough embarassment as they silenced the matter.

I never login with my PIN since a 4-digit PIN is far far too weak a form of security in this day & age in which UA can't keep up in any practical way. I also use a password which isn't used anywhere else, as naturally, expecting those passwords to be hacked someday if not already.