IHG Account hacked - Points redeemed for Amazon gift certs.
#1
Original Poster
Join Date: Feb 2014
Posts: 38
I just logged into my wife's IHG account to use her free night certificate and noticed that almost all of her 90k points had been redeemed 2 days ago. I called up IHG and they said they were used to redeem Amazon gift certificates. I told them it wasn't her and they are investigating. My wife didn't receive any sort of email confirmation of the activity; I'm lucky I logged in and noticed the activity or else I wouldn't have known it was happening. I also checked her Amazon and the points were not redeemed on her account, so her Amazon wasn't hacked. I read that IHG had been hacked at the end of last year and also their PIN system makes hacking somewhat easy. This is an FYI - you may want to check on your accounts to make sure they are good.
#2
Suspended
Join Date: Aug 2010
Location: DCA
Programs: UA US CO AA DL FL
Posts: 50,262
Also - A word to the wise. Have your wife check her account and then have her make the call.
As soon as you call, admitting that you had access to the account, you have violated the terms and conditions of the account and put the recovery at risk. Not suggesting that will happen here, but your call raises the question of who else has access to the account.
#4
Join Date: Feb 2012
Programs: Priority Club
Posts: 110
#5
Original Poster
Join Date: Feb 2014
Posts: 38
IHG finally got back to us and reinstated all the points, and then gave us a new PIN. Oh well, I'll probably add my account to awards wallet so I get alerted if they get removed again.
Last edited by FLYGVA; Mar 17, 2018 at 4:13 am Reason: corrected Marriott to IHG as the OP confirmed he miswrote
#6
Join Date: Sep 2009
Posts: 1
I've seen the earlier threads since the hacks seemed to start in December.
I received an email to the proper email account telling me my account had been updated. I had the account open on a previous recent day checking rates for a possible booking, but had not changed anything. So I logged in and saw my address had been changed to China and points redeemed 12 hours ago.
A quick call to IHG got the redemption cancelled and my points reinstated. I immediately changed the email and pin to help avoid repeat.
Previous threads reported that the hackers got the email account first, changed the email and pin, and locked the legitimate account holder out.
This was not the case with my account. Only the address was changed. Email and pin were still OK and I could access.
So, someone probably has hacked IHG account numbers or email addresses associated with accounts and may just be randomly generating pins or is directly accessing the accounts without the pins to drain.
Reports of thief using to purchase gift cards or booking rooms.
#7
Join Date: Nov 2006
Programs: Seniors Bus Pass
Posts: 5,529
Welcome to Flyertalk, Metwo3.
As it is only a four digit PIN, and there are therefore 9999 possible combinations, what the hacker needs is just your account number and a computer programme to go through the variations until they get in.
When this was discussed a year or so ago there was some talk of changing to lock out after a number of incorrect tries. I don't know if this has been implemented. If not, then it will be a few milliseconds' work for the computer to get access.
Where might they get your member number? Any number of compromised places, I suppose. Also the waste paper bin - some hotels put your number on "welcome letters" and they are often on receipts etc.
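The lockout after a number of incorrect tries mentioned in the last post, sketched as an added example (not part of the thread and not IHG's implementation). The class and function names, the threshold of 5 failures and the 15-minute lock are all assumptions chosen for illustration.

```python
import math
from dataclasses import dataclass

PIN_SPACE = 10 ** 4    # four decimal digits, 0000 through 9999
MAX_FAILURES = 5       # assumed threshold, not IHG's actual policy
LOCK_SECONDS = 900     # assumed lock duration (15 minutes)

@dataclass
class AccountState:
    failures: int = 0
    locked_until: float = 0.0

class PinThrottle:
    """Per-account failure counter with a temporary lock."""

    def __init__(self, max_failures=MAX_FAILURES, lock_seconds=LOCK_SECONDS):
        self.max_failures = max_failures
        self.lock_seconds = lock_seconds
        self.accounts = {}

    def attempt(self, account, pin_ok, now):
        """Record one login attempt; pin_ok is the caller's PIN comparison result."""
        state = self.accounts.setdefault(account, AccountState())
        if now < state.locked_until:
            return "locked"            # refuse before the PIN result is considered
        if pin_ok:
            state.failures = 0
            return "ok"
        state.failures += 1
        if state.failures >= self.max_failures:
            state.locked_until = now + self.lock_seconds
            state.failures = 0
        return "denied"

def guesses_per_day(max_failures, lock_seconds):
    """Guesses one account still accepts per 24 hours under a temporary lock."""
    return max_failures * (86400 // lock_seconds)

def days_to_exhaust(max_failures, lock_seconds):
    """Days until every PIN could have been tried if the lock is the only control."""
    return math.ceil(PIN_SPACE / guesses_per_day(max_failures, lock_seconds))

if __name__ == "__main__":
    print(guesses_per_day(MAX_FAILURES, LOCK_SECONDS), "guesses/day;",
          days_to_exhaust(MAX_FAILURES, LOCK_SECONDS), "days to cover all PINs")
```

With these assumed values a temporary lock alone still admits 480 guesses a day, so a four-digit PIN also needs a member alert or a lock that requires contact with support after repeated lockouts.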