Originally Posted by
Takiteasy
Thanks for the warning. Seems to be a regular occurrence though.
Am surprised the system does not send you any warning at any point: assume the hacker manages to login as you. They then change the email address to theirs. Then make the booking, and get the confirmation on their new email.
I would expect that a change in personal data (in this case, email) would result in a confirmation email to your old email address from the system - prompting you to login and check what has happened.
Obviously the system does not do that - despite emailing you for loads of other reasons from booking confirmation, 'prepare to fly in 16 days', you have changed your seat request etc. Odd...
The rep actual told me that I didn't get an email because they have an option to specify an email during booking. Still, the system should alert for that too, or at least cc the default email address.