Go Back  FlyerTalk Forums > Miles&Points > Hotels and Places to Stay > Hilton | Hilton Honors
Reload this Page >

Points Missing or Fraudulent Activity in Hilton Honors Account

Points Missing or Fraudulent Activity in Hilton Honors Account

Old Aug 5, 2023, 9:33 am
  #121  
 
Join Date: Jan 2020
Programs: Jetblue, Turkish, Hilton Gold, Spirit Gold
Posts: 400
Points.com had few vulnerabilities fixed recently.

https://samcurry.net/points-com/?fbc...ymIcS1tRcVCsOc

Between March 2023 and May 2023, we identified multiple security vulnerabilities within points.com, the backend provider for a significant portion of airline and hotel rewards programs.
SPN Lifer likes this.
ovacikar is offline  
Old Sep 22, 2023, 8:31 am
  #122  
CG
 
Join Date: Jan 2000
Location: Annapolis, MD
Posts: 483
Fraud in my HHonors Account

I just got an email from Hilton letting me know about my points redemption.... only I hadn't made a points redemption. I logged in and found that someone had reserved a Hampton Inn in China (I'm currently in the U.S.) for today. It was pretty brazen, they added themselves (one Maorui Wu) as the guest and used their credit card, although I suppose Maorui Wu might be a victim as well of a cheap hotel room sold by a "travel agency". I called Hilton immediately and they returned the points, but it sounds like they freeze your account until they complete an investigation, although if you need to redeem points for an upcoming stay they'll do that for you on the phone before they freeze your account.

Bottom line is that Hilton may have been hacked (I haven't had any other accounts broken into lately) and if you see a redemption email from Hilton that you didn't make, it pays to check immediately because it's probably for that day, and call Hilton to get it taken care of. Might be worth proactively changing you HHonors password just to be safe.
CG is offline  
Old Sep 22, 2023, 8:52 am
  #123  
 
Join Date: May 2022
Posts: 2,057
Glad you got your points back so quickly. Hope all goes well!
Schnit is offline  
Old Sep 22, 2023, 9:01 am
  #124  
 
Join Date: Dec 2004
Posts: 7,863
Sorry to hear that. I'm curious if you had 2-step verification enabled, found here. I would hope it gets triggered for someone accessing from another country.
rrgg is offline  
Old Sep 22, 2023, 10:05 am
  #125  
 
Join Date: Apr 2010
Posts: 619
Originally Posted by rrgg
I would hope it gets triggered for someone accessing from another country.
Me too, but not only - I would also like to see it used for logging in from a different device, different browser, etc. (i.e. in every case where the local environment does not already contain a cookie).
To be honest, given the existence of the app, I do not understand why 2FA is not rolled out through a push confirmation ...

And all of the above actually holds true for the rest of the travel industry as well.
MichaelA380 is offline  
Old Sep 22, 2023, 10:56 am
  #126  
 
Join Date: Dec 2004
Posts: 7,863
Originally Posted by MichaelA380
Me too, but not only - I would also like to see it used for logging in from a different device, different browser, etc. (i.e. in every case where the local environment does not already contain a cookie).
This part already happens for me with Hilton.
rrgg is offline  
Old Sep 26, 2023, 8:52 am
  #127  
CG
 
Join Date: Jan 2000
Location: Annapolis, MD
Posts: 483
Originally Posted by CG
I just got an email from Hilton letting me know about my points redemption.... only I hadn't made a points redemption. I logged in and found that someone had reserved a Hampton Inn in China (I'm currently in the U.S.) for today. It was pretty brazen, they added themselves (one Maorui Wu) as the guest and used their credit card, although I suppose Maorui Wu might be a victim as well of a cheap hotel room sold by a "travel agency". I called Hilton immediately and they returned the points, but it sounds like they freeze your account until they complete an investigation, although if you need to redeem points for an upcoming stay they'll do that for you on the phone before they freeze your account.

Bottom line is that Hilton may have been hacked (I haven't had any other accounts broken into lately) and if you see a redemption email from Hilton that you didn't make, it pays to check immediately because it's probably for that day, and call Hilton to get it taken care of. Might be worth proactively changing you HHonors password just to be safe.
Just an update, I got my new HHonors account number with my previous points balance and status intact yesterday. So a pretty reasonable timeframe of just 2 business days for their fraud department to research and make everything right.
SPN Lifer and the810 like this.

Last edited by CG; Sep 26, 2023 at 8:53 am Reason: adding details
CG is offline  
Old Sep 26, 2023, 10:13 am
  #128  
 
Join Date: May 2022
Posts: 2,057
Originally Posted by CG
Just an update, I got my new HHonors account number with my previous points balance and status intact yesterday. So a pretty reasonable timeframe of just 2 business days for their fraud department to research and make everything right.
Does that mean you need new Credit Cards and stuff too? What happened to existing reservations?
Schnit is offline  
Old Sep 27, 2023, 12:45 pm
  #129  
CG
 
Join Date: Jan 2000
Location: Annapolis, MD
Posts: 483
Originally Posted by Schnit
Does that mean you need new Credit Cards and stuff too? What happened to existing reservations?
Good question. Not sure on that as I don't have an HHonors linked credit card and didn't have any pending reservations.
CG is offline  
Old Jan 28, 2024, 4:18 pm
  #130  
 
Join Date: Jan 2024
Posts: 1
Account thats been deleted

I am trying to get my account put back. I was deleted because they say I earned to many points than what I spent. But I also bought points and worked very hard to be a diamond member. I have sent emails to the hhservices email. They dont help. Is there anything else that I can do?!
Yve Malnar is offline  
Old Jan 29, 2024, 8:17 am
  #131  
 
Join Date: May 2022
Posts: 2,057
Unless there was some gaming I cannot imagine why earning too many points is an issue. I have seen people who complain about stays to get comp points get their accounts canceled, but not just earning points legitimately
Schnit is offline  
Old Jan 29, 2024, 8:55 am
  #132  
 
Join Date: Jun 2009
Posts: 237
If it was deleted, the only department that can assist is the fraud prevention team. [email protected]

If they cannot or will not assist, you are basically out of luck and should consider another hotel loyalty scheme for your future stays as Hilton will have basically told you they don't want you as a customer.
smmrfld and craigthemif like this.
muzthe42nd is offline  
Old Jan 29, 2024, 10:36 am
  #133  
FlyerTalk Evangelist
 
Join Date: Dec 2006
Location: Pacific Northwest
Programs: UA Gold 1MM, AS 75k, AA Plat, Bonvoyed Gold, Honors Dia, Hyatt Explorer, IHG Plat, ...
Posts: 16,245
Originally Posted by Yve Malnar
I was deleted because they say I earned to many points than what I spent. But I also bought points and worked very hard to be a diamond member.
Can you share how many points you earned through what channels, and how you earned Diamond?

Welcome to FT!
craigthemif and Sisosig like this.
notquiteaff is offline  
Old Jan 30, 2024, 11:35 pm
  #134  
 
Join Date: Jan 2024
Posts: 1
Restore my hh

Fraud deleted my Hilton it was hacked I bn with Hilton since 2011 and it got hacked I was a diamond member so they deleted it .... the points I just want my account and status back
Walton42 is offline  

Thread Tools
Search this Thread

Contact Us - Manage Preferences - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service -

This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.