Go Back  FlyerTalk Forums > Miles&Points > Hotels and Places to Stay > Hilton | Hilton Honors
Reload this Page >

Consolidated "Hilton Honors Account Hacked" thread

Consolidated "Hilton Honors Account Hacked" thread

Old Nov 2, 2014, 1:33 pm
  #91  
FlyerTalk Evangelist
 
Join Date: Jun 2004
Location: MSP
Programs: DL PM, MM, NR; HH Diamond, Bonvoy LT Gold, Hyatt Explorist, IHG Diamond, others
Posts: 12,159
Under "My Points / All Points Activity" I see a stay showing -150,000 points, and another stay showing -60,000 points.

I don't currently have any upcoming points reservations to see how those would show.
sethb is offline  
Old Nov 2, 2014, 1:37 pm
  #92  
 
Join Date: Dec 2010
Location: Sacramento, CA
Programs: UA 1K; Hilton: Diamond;Kimpton: ?? ; Omni: Black; Avis: First; Hertz: Five Star
Posts: 656
[QUOTE=sethb;23779955]Under "My Points / All Points Activity" I see a stay showing -150,000 points, and another stay showing -60,000 points.
QUOTE]

Does either negative entry correspond to something you know what it is (i.e. where you redeemed something etc)?
JohnMacWW is offline  
Old Nov 2, 2014, 3:07 pm
  #93  
FlyerTalk Evangelist
 
Join Date: Jun 2004
Location: MSP
Programs: DL PM, MM, NR; HH Diamond, Bonvoy LT Gold, Hyatt Explorist, IHG Diamond, others
Posts: 12,159
Originally Posted by JohnMacWW
Originally Posted by sethb
Under "My Points / All Points Activity" I see a stay showing -150,000 points, and another stay showing -60,000 points.
Does either negative entry correspond to something you know what it is (i.e. where you redeemed something etc)?
They both correspond to stays, and seem to be at the correct rates for those hotels. The dates shown are the dates of those stays.
sethb is offline  
Old Nov 2, 2014, 9:41 pm
  #94  
FlyerTalk Evangelist & Ambassador: China
 
Join Date: Aug 2005
Location: DEN
Programs: DL DM/MM, UA 1K, AA Exp, HH Dia, WOH Glob, IHG Plat, Marriott Gold, NA EE, Hertz PC
Posts: 17,428
Originally Posted by JohnMacWW
I think you are. I booked some reward nights and used up some points. It does not show on my balance. They way they show points it is not really a points account statement. Just a rolling list of additions. Some posters have reported having a negative amount in the points earned collumn but I am definately missing mine. And the way the page is set up, there is not beginning balance/ ending balance feature by any annual period.
Well then, this makes it easier for hackers now. How hard is it to show pts when they have been deducted?
mnredfox is offline  
Old Nov 4, 2014, 6:53 am
  #95  
 
Join Date: Dec 2010
Location: Sacramento, CA
Programs: UA 1K; Hilton: Diamond;Kimpton: ?? ; Omni: Black; Avis: First; Hertz: Five Star
Posts: 656
Originally Posted by mnredfox
Well then, this makes it easier for hackers now. How hard is it to show pts when they have been deducted?
They can certainly do it but it will take some website reworking, that if for sure. But it seems apparant that the current approach they are taking is not being used consistently. Sometime a negative number is used in the points acquired column, but other times it is never evenlisted.

Since there is no reporting period where they summ up your balance (beginning balance, points earned, points used, closing balance) they are certainly making it harder to even notice if points are lost.
JohnMacWW is offline  
Old Nov 4, 2014, 7:21 am
  #96  
 
Join Date: Jun 2006
Programs: Delta - Plat, Hilton - Diamond
Posts: 139
Wow, I haven't had my account hacked, but was wondering about the Captcha now required. I'm surprised it took this long to hack, PIN codes are very insecure and I doubt anyone uses them to login.

BTW also agree that it's wrong for the CSR can see our passwords. One time they asked for it over the phone to verify it's me. What system allows their personal to see passwords? I might re-use that password for my bank or credit card, heck I might have swear words in my password and don't want to say them out loud to a person over the phone.
msmont is offline  
Old Nov 4, 2014, 2:41 pm
  #97  
 
Join Date: Jan 2014
Location: NJ
Programs: United Silver, Hyatt, Marriott Gold, HHonors Gold, Amex Plat, Global Entry
Posts: 751
Stupid question. People are asking why isn't media covering this.

My question is why isn't it on home page of FT??
elg26 is offline  
Old Nov 4, 2014, 3:44 pm
  #98  
 
Join Date: Feb 2013
Location: ANC
Programs: AS; Hyatt; Bonvoy
Posts: 1,718
Originally Posted by Fredd
Mrs. Fredd removed her (Hilton) credit card from her account details and finds it back in her account this morning.

Judging by the posts to this thread, this could be a wholesale problem. Think of all the Hilton customers who don't monitor their accounts as carefully as FTers.

Why hasn't Hilton contacted customers, as SPG did recently after a similar problem?
I have tried repeatedly - and unsuccessfully - to remove my credit card from my HH account. Has anyone been able to take this step?

My pin & PW have been changed but I'd like to remove my card number, too, given how lax Hilton has been with their website security.
AKCuisine is offline  
Old Nov 4, 2014, 4:10 pm
  #99  
FlyerTalk Evangelist
 
Join Date: Jan 2005
Location: home = LAX
Posts: 25,964
Originally Posted by msmont
I might re-use that password for my bank or credit card.


In this era of data breaches, that's exactly what the hackers are hoping for: That they'll figure out one of your more valuable logins based on the login they stole.

That's why you should try to never use the same password at sites of different need of security (and best if you never reuse a password exactly the same at all for any site where anything could be stolen from you).

Now, if you need a password to read a newspaper online, there's not that much harm that could come from having that password be stolen. But a bank???
sdsearch is offline  
Old Nov 4, 2014, 4:13 pm
  #100  
FlyerTalk Evangelist
 
Join Date: Jan 2005
Location: home = LAX
Posts: 25,964
Originally Posted by AKCuisine
I have tried repeatedly - and unsuccessfully - to remove my credit card from my HH account. Has anyone been able to take this step?

My pin & PW have been changed but I'd like to remove my card number, too, given how lax Hilton has been with their website security.
Well, have you tried changing it to a different card? Such as one which you have cancelled or a Visa/MC/Amex gift card that you've used up? I don't think the website checks for whether funds are available on the card until / unless you try to book a room with it.
sdsearch is offline  
Old Nov 4, 2014, 4:14 pm
  #101  
 
Join Date: Sep 2011
Location: SFO/SMF
Programs: Holder of six "persona non-grata" awards
Posts: 1,914
Need the mobile app. Go to your cc info in the mobile app and delete the card (for iPhone/iPad, you finger "swipe" the card info across the screen and a delete option comes up).

Originally Posted by AKCuisine
I have tried repeatedly - and unsuccessfully - to remove my credit card from my HH account. Has anyone been able to take this step?

My pin & PW have been changed but I'd like to remove my card number, too, given how lax Hilton has been with their website security.
fozziedoggie is offline  
Old Nov 4, 2014, 5:09 pm
  #102  
 
Join Date: Feb 2013
Location: ANC
Programs: AS; Hyatt; Bonvoy
Posts: 1,718
Originally Posted by fozziedoggie
Need the mobile app. Go to your cc info in the mobile app and delete the card (for iPhone/iPad, you finger "swipe" the card info across the screen and a delete option comes up).
I just tried that & got excited when it looked like it accepted the deletion on the mobile app. But then when I go back and log into the regular website, the card is still listed in my account ...

Looks like I'll try sdsearch's method and add an expired card, then set that as primary & try deleting my HHonors credit card.

We shouldn't have to go through all of these steps to try to safe guard our information.
AKCuisine is offline  
Old Nov 4, 2014, 6:28 pm
  #103  
 
Join Date: Nov 2014
Posts: 2
Proof of HForums doing the dirtywork

I actually have no connection with the sales/buying or activity of the illegal and abuse and trouble that this causes people. I had my credit card stolen about 4 months back. You can get your stuff back but it is just ridiculous what is going on these days.. When my card was stolen they sent $400 to some flower business in the UK. I never heard what happened besides me getting my money back

http://i.imgur.com/7Y8R4i0.png

up at the top it shows the link to that page you need to register to see it.

Last edited by squeakr; Dec 4, 2014 at 11:02 pm Reason: image too large
Hackforums is offline  
Old Nov 4, 2014, 6:29 pm
  #104  
 
Join Date: Nov 2014
Posts: 2
whelp here is an example of what is happening to you honor points and where it is sold the link is in the top of the immage.

http://i.imgur.com/7Y8R4i0.png
Hackforums is offline  
Old Nov 4, 2014, 7:06 pm
  #105  
Moderator: Hilton Honors forums
 
Join Date: Dec 2002
Location: Marietta, Georgia, United States
Posts: 25,040
Originally Posted by elg26
Stupid question. People are asking why isn't media covering this.

My question is why isn't it on home page of FT??
I know of at least one weblog which covered this issue...
Canarsie is offline  

Thread Tools
Search this Thread

Contact Us - Manage Preferences Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service -

This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.