Locked Out Of Skymiles Account Due To Security Issue
#16
Original Poster
Join Date: Sep 2012
Location: Dayton, OH/CVG
Programs: DA Diamond(1 MM), Marriott Bonvoy Ambassador/Charter Ambassador, Hyatt Glob, Hertz Presidents Circle
Posts: 885
Soooo, the circus continues. Last night(during the Super Bowl ) i received an email from the Diamond Desk(although it was the general Delta customer service email address) asking me to submit my gov issued ID to get my account unlocked. The email referenced a case number that was generated THE FIRST TIME I SUBMITTED MY ID!! To re-cap, the email asked me to submit my ID referencing a case number from where i did submit it.
I replied with the history, referenced all the names i have talked to, and re submitted my ID. we shall see.
I replied with the history, referenced all the names i have talked to, and re submitted my ID. we shall see.
#18
Original Poster
Join Date: Sep 2012
Location: Dayton, OH/CVG
Programs: DA Diamond(1 MM), Marriott Bonvoy Ambassador/Charter Ambassador, Hyatt Glob, Hertz Presidents Circle
Posts: 885
SUCCESS!!! just randomly tried to log in and it worked! made me re set everything which is fine. Missing miles were redeposited and everything looks good. No extra miles or anything for my troubles or inconvenience, but thats ok. I wasnt in it for that. I just wanted access back.
Thanks to everyone for letting me vent and rant about this. It was a pain. IF ANYONE has this happen to them, please DM me and i can give you some pointers on how to navigate the process.
Thanks to everyone for letting me vent and rant about this. It was a pain. IF ANYONE has this happen to them, please DM me and i can give you some pointers on how to navigate the process.
#19
FlyerTalk Evangelist
Join Date: Aug 2001
Location: Finally back in Boston after escaping from New York
Posts: 13,644
Soooo, the circus continues. Last night(during the Super Bowl ) i received an email from the Diamond Desk(although it was the general Delta customer service email address) asking me to submit my gov issued ID to get my account unlocked. The email referenced a case number that was generated THE FIRST TIME I SUBMITTED MY ID!! To re-cap, the email asked me to submit my ID referencing a case number from where i did submit it.
I replied with the history, referenced all the names i have talked to, and re submitted my ID. we shall see.
I replied with the history, referenced all the names i have talked to, and re submitted my ID. we shall see.
Mike
#20
Original Poster
Join Date: Sep 2012
Location: Dayton, OH/CVG
Programs: DA Diamond(1 MM), Marriott Bonvoy Ambassador/Charter Ambassador, Hyatt Glob, Hertz Presidents Circle
Posts: 885
#21
FlyerTalk Evangelist
Join Date: Nov 2000
Location: Nashville -Past DL Plat, FO, WN-CP, various hotel programs
Programs: DL-MM, AA, SW w/companion,HiltonDiamond, Hyatt PLat, IHF Plat, Miles and Points Seeker
Posts: 11,072
So. which is worse?
a) Someone hacking into your account
or
b) Delta getting you back in business
or
c) Delta messing around even AFTER they have re-authorized you and your account?
a) Someone hacking into your account
or
b) Delta getting you back in business
or
c) Delta messing around even AFTER they have re-authorized you and your account?
#22
Original Poster
Join Date: Sep 2012
Location: Dayton, OH/CVG
Programs: DA Diamond(1 MM), Marriott Bonvoy Ambassador/Charter Ambassador, Hyatt Glob, Hertz Presidents Circle
Posts: 885
The hacking thing really didn't bother me: that kind f stuff happens. I appreciated Delta "looking out for me"(even though i am the one who caught the fraudulent activity). What frustrated me was the response and, in my admittedly uneducated opinion, incredibly long time to resolve the issue and the lack of clarity or guidance from anyone who i spoke with as to how to proceed.
#23
Join Date: Mar 2020
Programs: Delta
Posts: 3
Delta skymiles fraud
This just happened to me for the second time this month. Earlier this month, my skymiles were used to purchase luxury goods on the Delta Marketplace site. The fraudulent person logged into my account, changed my password and used miles to buy all sorts of goods. I so happened to log into my delta skymiles account frequently via the app and was locked out one day when I tried to log in. Once I reset my password, I noticed the fraud and called delta right away. They were able to stop the shipment of the goods and reinstate my miles within a couple of days. Fast forward two weeks and now I'm locked out of my account again"due to irregular activity". However, this time around I couldnt just reset my password but instead I had to complete this online verification form and submit proof of identification. The email I received says it takes up to 7 days to hear back re: identity verification. I'm mostly worried that the fraudster getting away with deducting miles again and this time will get the goods. I know delta will reinstate my miles, but 7 days is entirely too long for something like this to be resolved!
Last edited by eyez412; Mar 21, 2020 at 1:33 am Reason: grammer
#24
A FlyerTalk Posting Legend
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 100,413
Even if you can't get into the account, can you ask DL to tell you whether there were any recent transactions. If there were some that you didn't authorize, tell DL that they're fraudulent ASAP.
Are there any other indications that the security breach could go beyond your DL FF account, such as email and credit cards? I assume that you reset the password after the previous incident, but could the person have changed the email on your DL FF account? If they have access to the account, can they see your credit card information too?
Are there any other indications that the security breach could go beyond your DL FF account, such as email and credit cards? I assume that you reset the password after the previous incident, but could the person have changed the email on your DL FF account? If they have access to the account, can they see your credit card information too?
#25
Join Date: Mar 2020
Programs: Delta
Posts: 3
Even if you can't get into the account, can you ask DL to tell you whether there were any recent transactions. If there were some that you didn't authorize, tell DL that they're fraudulent ASAP.
Are there any other indications that the security breach could go beyond your DL FF account, such as email and credit cards? I assume that you reset the password after the previous incident, but could the person have changed the email on your DL FF account? If they have access to the account, can they see your credit card information too?
Are there any other indications that the security breach could go beyond your DL FF account, such as email and credit cards? I assume that you reset the password after the previous incident, but could the person have changed the email on your DL FF account? If they have access to the account, can they see your credit card information too?
#26
Join Date: Mar 2020
Programs: Delta
Posts: 3
Hi MSPeconomist! I called the Delta Platinum line and the representative was extremely rude and unhelpful stating "she cannot release any information to me" about activity on my skymiles account because it is locked. Clearly if I was the fraudster, I wouldn't be calling to inquire and cancel any pending orders they placed with my miles. I haven't seen any other irregular activity on my other accounts. Thank goodness! I suggest anyone reading this thread to check their skymiles account regularly. This also happened to my friend and they used her miles to buy a mac laptop. Two weeks ago they placed orders with my miles for a Gucci watch and two a luxury bag and wallet. As I said, i was able to catch the unusual activity just in time.
#27
FlyerTalk Evangelist
Join Date: Jul 2003
Location: jfk area
Programs: AA platinum; 2MM AA, Delta Diamond, Hilton Diamond
Posts: 10,291
Reading this thread and others on FT, two-pass verification should be an option/requirement.
Several years ago my gmail acct was hacked, they even changed my password locking me out. But [google]gmail IF you login via your "home" computer lets you reestablish your identity AND set up two-pass. You also get 10 auxiliary "special codes". You can establish "known" devices which won't need two-pass.
Several years ago my gmail acct was hacked, they even changed my password locking me out. But [google]gmail IF you login via your "home" computer lets you reestablish your identity AND set up two-pass. You also get 10 auxiliary "special codes". You can establish "known" devices which won't need two-pass.
#28
Join Date: Jun 2004
Location: San Diego
Programs: IHG Spire Amb, HH Diamond, DL Diamond and 1MM
Posts: 3,611
And nearly all of this fraud activity would go away if Delta would only allow redemptions for free flights, not an easily fungible "marketplace".
My sympathy to those having to sort out this mess. Same thing happened to me with IHG hotels so easy to hack, someone took my $20 balance to spend for a cash gift certificate on the Chinese version of Amazon. That just goes to show airlines and hotels should not allow miles and points to be freely converted into cash goods.
My sympathy to those having to sort out this mess. Same thing happened to me with IHG hotels so easy to hack, someone took my $20 balance to spend for a cash gift certificate on the Chinese version of Amazon. That just goes to show airlines and hotels should not allow miles and points to be freely converted into cash goods.
#29
Moderator: Hyatt; FlyerTalk Evangelist
Join Date: Jun 2015
Location: WAS
Programs: :rolleyes:, DL DM, Mlife Plat, Caesars Diam, Marriott Tit, UA Gold, Hyatt Glob, invol FT beta tester
Posts: 18,928
But even stipulating it for the sake of this discussion...
Yes, it goes to show that, *if* their goal was to have zero fraud. However I am sure they have a different goal, namely to reduce the number of outstanding miles from their accounting liabilities and turn a profit through various partnerships while maintaining fraud at an acceptable level (acceptable to them that is, not necessarily to us -- and I share your sympathies for anyone who has to deal with this)
#30
Join Date: Dec 2009
Location: RDU
Programs: DL DM+(segs)/MM, UA Ag, Hilton DM, Marriott Ti (life Pt), TSA Opt-out Platinum
Posts: 3,227
Threads like this are a good time to remind everyone NOT use the same password on multiple websites*. I suggest using a password manager like Lastpass that can create random complex passwords and manage inputting them for you. I don't even know what my passwords are on most websites, but via browser (and even on iOS apps) lastpass enters them for me. Also make sure you have 2FA turned on for your email account. Many sites allow password resets via email, so if a hacker gets in your email, they may be able to reset your passwords.
*If you use same username/password everywhere, then when hackers compromise one site and manage to decode user passwords (due to poor hashing or storing them in plain text) they have bots that take their haul and try them on every website you can think of.
*If you use same username/password everywhere, then when hackers compromise one site and manage to decode user passwords (due to poor hashing or storing them in plain text) they have bots that take their haul and try them on every website you can think of.