Go Back  FlyerTalk Forums > Miles&Points > Hotels and Places to Stay > Hilton | Hilton Honors
Reload this Page >

Consolidated "Hilton Honors Account Hacked" thread

Consolidated "Hilton Honors Account Hacked" thread

Old Apr 21, 2018, 5:47 am
  #391  
 
Join Date: Nov 2010
Posts: 2
My account was hacked and 21000 points taken out for a stay in China . Never travelled to China in my life. What a mess I believe it is someone within Hilton stealing customer accounts and selling to third party.
rajatbathla is offline  
Old Apr 21, 2018, 6:08 am
  #392  
 
Join Date: Nov 2010
Posts: 2
Originally Posted by TonyG5003
A head's up...

I had fraudulent activity on my account overnight - siphoning about 30,000 points in 4 separate transfers. (Of course, I've reported this to Hilton.)

Mid-way thru the night, the fraud also involved an invitation to "Pool" my account with another - it said that I initiated the pooling "invite."

What's VERY interesting, is this activity occurred just barely 24 hours after I called Hilton to open a formal complaint about a specific Hampton property - and about a week after posting negative, but accurate and "constructive" reviews on Trip Advisor, Yelp, and Google.

I've not called Hilton to formally file a complaint in over 10 years - and 24 hours later, I have fraud? Strange coincidence - or rogue employee/manager?

Anyway... Hilton's terms say they're not responsible for replacing the points. However, the agent said it takes 10-14 days for the investigation to occur, and they will replace the points if fraudulent activity occurred.

I cannot find ANY information about rewards program fraud - other than the previous Hilton PIN number fraud a few years ago.

BEWARE
Exactly same thing happened with me. Points were stolen after complaining to diamond club and property manager.
AlEtRONt likes this.
rajatbathla is offline  
Old Jun 4, 2019, 9:11 pm
  #393  
 
Join Date: Mar 2017
Programs: HHonors Diamond, SPG, IHG, AA, SWA
Posts: 84
Same thing happened to me today.
Last night, I got an email confirming account activity I did not make. I immediately tried to log in, but they changed my log in credentials. I called the Diamond Desk and they said my points were not touched, so they changed the email back to mine and allowed me to rest my password.
You'd think that was the end of it. But, this morning I received a confirmation of my points activity. I called the Diamond Desk again and they confirmed virtually all of my points were transferred to points.com.
I have no idea how they got into my account but they must have scheduled the transaction right away. The CSR today told me they should have suspended my account when I reported the original fraud to prevent my points from being usable in any capacity.
Hopefully they get it sorted out, but I'm not loping forward to linking my new HH number to Amazon, Lyft, and Amex.
George M is offline  
Old Jun 5, 2019, 1:17 pm
  #394  
 
Join Date: Apr 2013
Location: New Zealand (most of the time)
Programs: Air NZ Elite *G, Honors Gold, IHG Platinum Elite
Posts: 6,262
How many of you used the exact same password for your Hilton logon as you do on other sites?
sbiddle is offline  
Old Nov 1, 2022, 11:43 am
  #395  
 
Join Date: Nov 2004
Location: London
Programs: AA, BA, UAL, NZ, QF, LH, SPG, IHG, HH, Marriott etc etc
Posts: 152
more points.com fraud?

I transferred 75k hilton points between family accounts and redeemed them immediately. two days later i receive an email from [email protected] saying i had bought 75k miles and more Bundle & Go points. Have no idea what this is and i cant find a points.com customer service number. the email also quoted the hilton account number as a miles and more account. Points.com completely broken?
carpmawj is offline  
Old Nov 1, 2022, 12:18 pm
  #396  
 
Join Date: Jun 2019
Programs: AS MVPG75K / HIlton Diamond
Posts: 29
Originally Posted by carpmawj
I transferred 75k hilton points between family accounts and redeemed them immediately. two days later i receive an email from [email protected] saying i had bought 75k miles and more Bundle & Go points. Have no idea what this is and i cant find a points.com customer service number. the email also quoted the hilton account number as a miles and more account. Points.com completely broken?
Well, I transferred some from my wife's hhonors to my own to make a points reservation in Early Oct... today we received email from that same account with her hhonors acct# referenced, the same # of points transferred, and the transaction date a month ago. This seems like just a system glitch? I don't see any NEW activity on the hhonors account.
rayfound is offline  
Old Nov 2, 2022, 12:32 am
  #397  
 
Join Date: Nov 2004
Location: London
Programs: AA, BA, UAL, NZ, QF, LH, SPG, IHG, HH, Marriott etc etc
Posts: 152
Apparently it was a test message that went wrong

Not sure if I feel better or worse about the firm but at least the mystery is solved
carpmawj is offline  
Old Aug 3, 2023, 1:54 pm
  #398  
 
Join Date: Feb 2006
Location: GSO/HAM
Programs: UA MM, Hilton Diamond
Posts: 282
Hhonor account hacked

received an email this morning "Your Hilton Honors Points have been redeemed"

I immediately went online since I did not redeem any points. Somebody made reservations for 3 rooms at a Hilton in China. I was able to cancel all 3 reservations, points were redeposited and I changed my password. Is there anything else I should/need to do ??

Thank you
witthuus is offline  
Old Aug 3, 2023, 2:33 pm
  #399  
 
Join Date: Apr 2010
Posts: 687
How complex is your password? If anything less than 8 characters, of which 2 small letters, 2 big letters, 2 digits and 2 special characters, preferably all non-consecutive, change it again to a more complex one.

Do you have two-factor verification (enhanced security) enabled? If not, do so, it is not a very strong feature but should in principle prevent most actions from new browsers / new locations without prior verification.

If you have a credit card saved in your profile, I would remove it.
witthuus and turtlemichael like this.
MichaelA380 is offline  
Old Aug 30, 2023, 11:18 am
  #400  
A FlyerTalk Posting Legend
 
Join Date: Jul 2002
Location: MCI
Programs: AA Gold 1MM, AS MVP, UA Silver, WN A-List, Marriott LT Titanium, HH Diamond
Posts: 52,646
I was hacked over the weekend. I received an email that my Honors phone number had been changed and I had linked my account to Amazon. I immediately logged into my account and changed the password, and changed the phone number back. I also called Hilton right away, and was literally on the phone with a rep when I got emails that all of my points had been transferred to Amazon.

To Hilton's credit, they locked the account, opened a fraud case, and restored my account (with a new number) and points within 3 days. Unclear if they ever canceled the Amazon orders, but this appears to be the new MO for hackers: instantly get the points out of HH, not just attached to a hotel stay that the account holder might notice before check-in.

I now have 2FA set up - but honestly didn't even know that was an option until yesterday. Marriott automatically enabled 2FA some time ago; with Hilton you still have to go deep into your profile and find the option.

I've always used complicated passwords, but I doubt the scammers are brute-forcing password guesses to begin with. They got the password and number somehow. I travel a lot and try to only connect to reputable / known Wifi but obviously my info got out there somehow.
SPN Lifer likes this.
pinniped is online now  
Old Aug 30, 2023, 2:41 pm
  #401  
 
Join Date: Nov 2002
Location: SEA/YVR/BLI
Programs: UA "Lifetime" Gold, AS MVPG100K, OW Emerald, HH Lifetime Diamond, IC Plat, Marriott Gold, Hertz Gold
Posts: 9,513
Originally Posted by pinniped
I was hacked over the weekend...
Thanks for sharing your experience. It sounds like a good response from Hilton.
SPN Lifer likes this.
Fredd is offline  

Thread Tools
Search this Thread

Contact Us - Manage Preferences Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service -

This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.