Go Back  FlyerTalk Forums > Miles&Points > Hotels and Places to Stay > Hilton | Hilton Honors
Reload this Page >

Points Missing or Fraudulent Activity in Hilton Honors Account

Points Missing or Fraudulent Activity in Hilton Honors Account

Old Mar 26, 2019, 7:23 pm
  #31  
 
Join Date: Mar 2019
Posts: 1
Hacked.

I just got an email stating that they link to my Hilton account with my Amazon account, they got me for 400.00 plus. On hold with them at the diamond desk as I speak... But they left me with two points
Bshaw1211 is offline  
Old Mar 26, 2019, 7:45 pm
  #32  
FlyerTalk Evangelist
 
Join Date: Feb 2003
Location: Denver, CO, USA
Programs: Sometimes known as [ARG:6 UNDEFINED]
Posts: 26,507
That's enough to get me to unenroll, between the hacking and the pitiful redemption rate.
Brendan likes this.
DenverBrian is offline  
Old Mar 27, 2019, 9:19 am
  #33  
 
Join Date: May 2018
Location: SW Florida
Programs: HH Diamond, BW Diamond, Bonvoy, Choice, IHG
Posts: 227
Wow, just wow!! Hopefully Hilton will put in some type of verification process to eliminate this type of fraud.

I also hope everyone gets their accounts reinstated.
Staley Cornell is offline  
Old Mar 27, 2019, 9:48 am
  #34  
 
Join Date: Jul 2015
Programs: HH Diamond, HGVC, WN RR, National Exec, Avis Preferred
Posts: 1,046
Originally Posted by Bshaw1211
I just got an email stating that they link to my Hilton account with my Amazon account, they got me for 400.00 plus. On hold with them at the diamond desk as I speak... But they left me with two points
The way you write that, it appears that both your Amazon and Hilton account were hacked?
birdiedouble is offline  
Old Mar 28, 2019, 12:50 am
  #35  
 
Join Date: Oct 2013
Location: Alabama
Programs: Hilton Diamond, Hyatt Diamond, SPG Gold, Sixt Platinum
Posts: 190
Multi-factor authentication please Hilton!
cop35758 is offline  
Old Mar 28, 2019, 1:30 pm
  #36  
 
Join Date: Oct 2000
Location: Seattle WA, USA
Programs: Hilton Diamond, Marriott LT Plat, AS Lounge
Posts: 3,477
Originally Posted by cop35758
Multi-factor authentication please Hilton!
Good idea. After my Amazon account was hacked (they caught it in time so no damage done) I set up 2FA, changed my password again, and deleted the credit card from my Amazon account. I thought that would keep someone from buying something at my expense. Now I learn that someone can use my HH points to buy stuff on Amazon. Sigh.

Can someone explain how the HH account and Amazon account get linked? Can someone link my HH account with some else's Amazon account or do both accounts have to have the same name, address, etc.?
Westcoaster is offline  
Old Mar 30, 2019, 6:13 am
  #37  
 
Join Date: Apr 2016
Programs: NH, JL, SQ
Posts: 164
just got hacked too about an hour ago, lady on the line seemed pretty confident i would get my points back...
merridius is offline  
Old Mar 31, 2019, 6:14 pm
  #38  
 
Join Date: Mar 2019
Posts: 1
This happened to me last week. I'm still waiting for my points to be reinstated. I was told to send an email to their fraud department... that I couldn't speak with them over the phone. How long did it take for them to refund your points?
CithAfU is offline  
Old Mar 31, 2019, 9:02 pm
  #39  
 
Join Date: Jan 2005
Location: Sydney, Australia
Programs: QF Gold LTG (ow Saph), HHon Silver, Marriot Gold
Posts: 2,927
And if you are using the same email/password on your Hilton account as other sites that may previously have been hacked (eg. LinkedIn).

Change it now.
SPN Lifer likes this.
moa999 is offline  
Old Apr 5, 2019, 3:04 am
  #40  
 
Join Date: May 2007
Location: Belgium
Programs: HHonors Lifetime Diamond
Posts: 269
Got the e-mail yesterday that my account has been updated.
I changed nothing and when I tried to login my password has been changed.
I contacted the diamond desk and they confirmed that my e-mail address on file has been changed.
They now locked the account and it can take up to five days before they reinstate the account.

I have over 2.5 million points in there and LT diamond status so I sincerely hope everything goes well..

How did this work out for the others after being hacked?
MrHilton is offline  
Old Apr 5, 2019, 5:05 pm
  #41  
 
Join Date: Apr 2013
Location: New Zealand (most of the time)
Programs: Air NZ Elite *G, Honors Gold, IHG Platinum Elite
Posts: 5,996
The vast majority of hacking is because people use the same password on multiple websites.

If you use the same password across multiple sites and data has been compromised elsewhere then somebody can simply try those details to log straight into your Hilton account.

I have no sympathy at all for people who continue to use the same password for multiple sites, especially if that data and password has been compromised. You can easily check that on haveibeenpwned
sbiddle is online now  
Old Apr 5, 2019, 5:35 pm
  #42  
 
Join Date: Apr 2013
Location: New Zealand (most of the time)
Programs: Air NZ Elite *G, Honors Gold, IHG Platinum Elite
Posts: 5,996
The vast majority of hacking is because people use the same password on multiple websites.

If you use the same password across multiple sites and data has been compromised elsewhere then somebody can simply try those details to log straight into your Hilton account.

I have no sympathy at all for people who continue to use the same password for multiple sites, especially if that data and password has been compromised. You can easily check that on haveibeenpwned
sbiddle is online now  
Old Apr 8, 2019, 12:43 am
  #43  
 
Join Date: Apr 2016
Programs: NH, JL, SQ
Posts: 164
Originally Posted by CithAfU
This happened to me last week. I'm still waiting for my points to be reinstated. I was told to send an email to their fraud department... that I couldn't speak with them over the phone. How long did it take for them to refund your points?
reported on saturday, got it back friday

Originally Posted by sbiddle
The vast majority of hacking is because people use the same password on multiple websites.

If you use the same password across multiple sites and data has been compromised elsewhere then somebody can simply try those details to log straight into your Hilton account.

I have no sympathy at all for people who continue to use the same password for multiple sites, especially if that data and password has been compromised. You can easily check that on haveibeenpwned
Voodoo Daddy and strickerj like this.
merridius is offline  
Old Jul 8, 2019, 4:32 pm
  #44  
 
Join Date: Dec 2008
Location: LAX
Programs: UA
Posts: 119
Account hacked with no redemption history

My account was hacked last week. Got an email saying someone had changed my email address on file. As I logged in (with the same password) after about 10 mins receiving the notification, I found that there was an extra letter in the Gmail domain - something like @gmaiil.com. I immediately noticed that there was a mere 10,000 points missing. I looked up my points activity, however there were no signs of any new transactions.

I called Diamond desk and found out someone had cashed out the points and converted them into a certificate at a Hampton Inn location. There was no reservation number attached to the certificate. (I suspect someone discovered a major IT glitch at Hilton?) Diamond desk immediately refunded the points and opened two investigations: one with Guest Services in regards to the certificate and one with their fraud department.
alwaysflyingLA is offline  
Old Jul 8, 2019, 5:14 pm
  #45  
 
Join Date: Jan 2008
Location: Neither here nor there
Programs: UA Slvr, DL Slvr, AA plt, HH LTD, MR tit/LTP at least two of those buy 10 get 1 free coffee cards
Posts: 3,389
Originally Posted by xavierkuai
My account was hacked last week. Got an email saying someone had changed my email address on file. As I logged in (with the same password) after about 10 mins receiving the notification, I found that there was an extra letter in the Gmail domain - something like @gmaiil.com. I immediately noticed that there was a mere 10,000 points missing. I looked up my points activity, however there were no signs of any new transactions.

I called Diamond desk and found out someone had cashed out the points and converted them into a certificate at a Hampton Inn location. There was no reservation number attached to the certificate. (I suspect someone discovered a major IT glitch at Hilton?) Diamond desk immediately refunded the points and opened two investigations: one with Guest Services in regards to the certificate and one with their fraud department.

That particular hack should be solvable. Eventually, someone will try to use the certificate to check in and the authorities can then be notified.

Hopefully, Hilton can prevent the Amazon hacks in the future. I had my Amtrak AGR account hacked and drained about a year ago. AGR credited the points back within 24 hours.
aroundtheworld76 is offline  

Thread Tools
Search this Thread

Contact Us - Manage Preferences - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service -

This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.