Go Back  FlyerTalk Forums > Miles&Points > Hotels and Places to Stay > Marriott | Marriott Bonvoy
Reload this Page >

Hacked Marriott Account and Horrible Customer Service

Hacked Marriott Account and Horrible Customer Service

Old Sep 12, 18, 7:40 pm
  #1  
Original Poster
 
Join Date: Jan 2005
Location: New York, N.Y.
Programs: Delta-Diamond; Hilton Diamond; Starwood-Platinum;
Posts: 79
Angry Hacked Marriott Account and Horrible Customer Service

This Sunday my Marriott account was hacked and over 1 million points were taken from my account. I caught this hack and contacted Marriott. After numerous telephone calls and numerous people (average wait time on the Platinum line iwas over 15 minutes) after several days I got my points back. What has shocked me about this incident was the lack of security controls by Marriott, and lack of intelligent customer service. For instance my address and telephone was changed to a European address - and nobody at Marriott caught it. After numerous discussions my address and phone numbers were changed - but Marriott left the European country code on my numbers which I had to call again and have them change. After I got the country telephone code changed this evening I spoke to a supervisor about my status. I was a lifetime Starwood Platinum with over 12 years Platinum and well over 800 nights in the combined program I spoke to a person who claimed she was a supervisor and asked why my account is not Platinum Preferred since I met the qualifications and she stated that she was instructed that all Starwood people would not get Platinum Preferred status - only legacy Marriott members would. When I told her that was incorrect she insisted that was true but I could file a complaint She put me on hold for ten minutes and then hanged up - without any call back.
My perception of Marriott is extremely poor security controls for their accounts, and rude and incompetent customer service agents - with a long wait time to get a call.
Any suggestions as to how I can elevate this situation - especially for my status?
All suggestions would be appreciated.
Thanks
Gramercy Flyer is offline  
Old Sep 12, 18, 8:05 pm
  #2  
 
Join Date: Dec 2009
Location: COS
Programs: UA Gold/1.5MM (several years running now!), Marriott LTTE, Hertz Prez
Posts: 1,850
Firstly, it's Platinum Premier - not Preferred.

Also, your current status is correct - this has been extensively discussed, debated, and document here and elsewhere. Based on your posted metrics, you will advance to LTPP in Jan '19.

At this point you have your points back, and you didn't have all of your facts straight going into what was likely a heated discussion with various customer service reps - maybe just move on at this point? Oh, and perhaps improve the security of your password if you haven't already.
CCIE_Flyer is offline  
Old Sep 12, 18, 8:12 pm
  #3  
Original Poster
 
Join Date: Jan 2005
Location: New York, N.Y.
Programs: Delta-Diamond; Hilton Diamond; Starwood-Platinum;
Posts: 79
Actually the status was just an add on question this evening. The real issue was lack of security and poor customer service with a hack. Password was immediately changed.
Gramercy Flyer is offline  
Old Sep 12, 18, 8:24 pm
  #4  
A FlyerTalk Posting Legend
 
Join Date: Aug 2002
Programs: UALifetimePremierGold, Marriott LifetimeTitanium
Posts: 66,469
With Marriott you can also ask that a PIN be added to your account. Even cust svc can't access your account to do things like awards, etc, w/o you providing them the pin#. I did that over a decade ago.

Cheers.
SkiAdcock is offline  
Old Sep 12, 18, 8:26 pm
  #5  
 
Join Date: Dec 2009
Location: COS
Programs: UA Gold/1.5MM (several years running now!), Marriott LTTE, Hertz Prez
Posts: 1,850
Originally Posted by Gramercy Flyer View Post
Actually the status was just an add on question this evening.
OK, fair enough. But your status is indeed correct through Dec 31st of this year, so there's nothing more to be rectified on the Marriott side at this point.

The real issue was lack of security and poor customer service with a hack. Password was immediately changed.
It's impossible to know how the hack took place. It's possible your information has been stolen multiple times via multiple breaches in recent years (most folks - myself included - tend to reuse username/password combinations across multiple different accounts).

As for customer service, I can only imagine what it's like to show up for work in Marriott IT or Customer Service these days. Yes, it's self-inflicted from an organizational perspective, but nevertheless a lot of the front line folks had no influence over the decisions that have come around to haunt them all. I'm glad that you were ultimately able to recover a significant amount of temporarily lost points - that was a close one.
CCIE_Flyer is offline  
Old Sep 12, 18, 9:24 pm
  #6  
Original Poster
 
Join Date: Jan 2005
Location: New York, N.Y.
Programs: Delta-Diamond; Hilton Diamond; Starwood-Platinum;
Posts: 79
Thanks I did that
Gramercy Flyer is offline  
Old Sep 12, 18, 9:32 pm
  #7  
Original Poster
 
Join Date: Jan 2005
Location: New York, N.Y.
Programs: Delta-Diamond; Hilton Diamond; Starwood-Platinum;
Posts: 79
I do understand it is extremely chaotic at Marriott Nevertheless the lack of security controls and even common sense by multiple Marriott agents was extremely surprising. I was used to a much more competent Starwood Platinum customer service.
Gramercy Flyer is offline  
Old Sep 12, 18, 9:54 pm
  #8  
 
Join Date: Dec 2009
Location: COS
Programs: UA Gold/1.5MM (several years running now!), Marriott LTTE, Hertz Prez
Posts: 1,850
Originally Posted by Gramercy Flyer View Post
I was used to a much more competent Starwood Platinum customer service.
After many years of loyalty to Marriott, I moved my business over to SPG on the basis of deteriorating customer service. What I found was an awesome loyalty program and just an overall greater sense of satisfaction with how I was spending my considerable hotel dollars and living my life on the road. For anyone who had that experience (even if however briefly, as in my case), this will be a difficult adjustment in many respects. But it probably won't be as bad as things are today for too terribly much longer - or no amount of killing off the competition will do the trick...
margarita girl and joakgarp like this.
CCIE_Flyer is offline  
Old Sep 12, 18, 10:28 pm
  #9  
Original Poster
 
Join Date: Jan 2005
Location: New York, N.Y.
Programs: Delta-Diamond; Hilton Diamond; Starwood-Platinum;
Posts: 79
i am still keeping Hilton Diamond I find the diamond line and service, while not as good as Starwood was, is now far superior to Marriott. i will switch future bookings where I can to them.
Gramercy Flyer is offline  
Old Sep 12, 18, 11:23 pm
  #10  
 
Join Date: Dec 2001
Location: Albany, NY, USA
Programs: LT Mariott Platinum?, SPG Gold, Hilton Silver, AA Gold, Amtrak Nothing.
Posts: 102
Ok, I will bite. What specifically was the lack of security on Marrriotts behalf.

So so far you have stated that your account was hacked. How? Then you tell us that Marriott made good on the stolen points, which they likely did NOT have to do. That seems like a real win for you given the situation.
copyright1997 is offline  
Old Sep 12, 18, 11:35 pm
  #11  
 
Join Date: Nov 2017
Programs: United 1K
Posts: 122
Originally Posted by copyright1997 View Post
Ok, I will bite. What specifically was the lack of security on Marrriotts behalf.
A large redemption combined with an address change should have attracted additional scrutiny.
Resonant Programmer is online now  
Old Sep 13, 18, 2:23 am
  #12  
A FlyerTalk Posting Legend
 
Join Date: Aug 2002
Programs: UALifetimePremierGold, Marriott LifetimeTitanium
Posts: 66,469
While we can all argue on woulda/shoulda, I would like to again point out that MAR created something a decade ago (which in fairness SPG folk wouldn't know) - put a PIN# on your account. Even the MAR reps can't access your account w/o that info, so the hacker might not either. Is it foolproof? I have no idea. But it obviously can't hurt.

Cheers.
SkiAdcock is offline  
Old Sep 13, 18, 8:51 am
  #13  
Hyatt 5+ BadgeMarriott 5+ Badge
 
Join Date: Jan 2017
Location: EWR/PHL/BWI
Posts: 2,733
Originally Posted by Gramercy Flyer View Post
This Sunday my Marriott account was hacked and over 1 million points were taken from my account. .....

Any suggestions as to how I can elevate this situation - especially for my status?
All suggestions would be appreciated.
Thanks
For any web related service, you are warned to keep a strong password for YOUR and THEIR security. You did not do that. You brought risk to your account and to Marriott Reward site. Why did you blame Marriott for your troubles? You need to be fair. People are just helping you.

Good luck with everything. Just move on.
RedSun is offline  
Old Sep 13, 18, 9:10 am
  #14  
 
Join Date: Apr 2014
Programs: UA GS, Marriott/SPG Amb, Hyatt Explorist
Posts: 856
Originally Posted by Resonant Programmer View Post
A large redemption combined with an address change should have attracted additional scrutiny.
They also allow logins over unencrypted (HTTP) connections, donít offer two-factor authentication, and donít appear to have any kind of automated fraud detection system.

Originally Posted by SkiAdcock View Post
While we can all argue on woulda/shoulda, I would like to again point out that MAR created something a decade ago (which in fairness SPG folk wouldn't know) - put a PIN# on your account. Even the MAR reps can't access your account w/o that info, so the hacker might not either. Is it foolproof? I have no idea. But it obviously can't hurt.

Cheers.
How do you set this up?
getagb is offline  
Old Sep 13, 18, 9:36 am
  #15  
Moderator, Marriott Bonvoy & FlyerTalk Evangelist
2020 FlyerTalk Awards
 
Join Date: Oct 2002
Location: McKinney, TX, USA
Programs: SouthWest A-List; AA Plat/2MM; Marriott LT Titanium; IHG Plat; Hilton Diamond; Hyatt Discoverist
Posts: 11,255
Originally Posted by getagb View Post
How do you set this up?
Call MR Customer service (Plat line if you are a Plat or above) and ask them to add a Pin to your account. It is actually a fairly easy and simple thing. It won't stop security issues through your online account but if anyone tries to call in and order awards or make any changes to your account, the agent can't do it unless the PIN # is provided. And while I'm sure there are ways to deal with a forgotten PIN #, they will almost assuredly require more security validations (and possibly escalations) before they would be able to do that.
hhoope01 is offline  

Thread Tools
Search this Thread
Search Engine: