Just had 375,000 points stolen....
#1
Original Poster
Join Date: Apr 2000
Location: Portsmouth, NH
Programs: Delta Platinum, Marriott Rewards Lifetime Titanium, Hyatt Globalist
Posts: 319
Just had 375,000 points stolen....
For some reason, I check my account regularly. I checked it today and noticed that I was missing 375,000 points. Logged in and saw that there were three separate point transactions for airline miles - each for 125,000 points. This was done yesterday.
Immediately called Marriott Rewards. Was on hold/the phone for about 45 minutes. I have to file a police report, fill out a required form (notarized), and send a copy of my drivers license in order to get the points back. Fortunately, it was caught in time to get the points back and for them to stop the transfer of the airline miles.
The first thing I tried to do was to change my password and noticed that someone had gone in and changed my email address as well. They changed it to my name @yahoo.com.
This is scary stuff. Just a reminder for everyone else to check their accounts....
Immediately called Marriott Rewards. Was on hold/the phone for about 45 minutes. I have to file a police report, fill out a required form (notarized), and send a copy of my drivers license in order to get the points back. Fortunately, it was caught in time to get the points back and for them to stop the transfer of the airline miles.
The first thing I tried to do was to change my password and noticed that someone had gone in and changed my email address as well. They changed it to my name @yahoo.com.
This is scary stuff. Just a reminder for everyone else to check their accounts....
Last edited by dionnec123; Jun 7, 2012 at 10:56 am Reason: mistake
#2
Join Date: Dec 2004
Location: AUS
Posts: 690
Whoa. Good thing you're getting the points back.
LinkedIn had a big password hack recently. If anyone reading is using the same password on LinkedIn and on Marriott Rewards, change your MR password as soon as you can!
LinkedIn had a big password hack recently. If anyone reading is using the same password on LinkedIn and on Marriott Rewards, change your MR password as soon as you can!
#3
Community Director Emerita
Join Date: Oct 2000
Location: Anywhere warm
Posts: 33,747
Yikes, I'm glad that you caught it in a timely fashion and the points are being restored.
I have my accounts on AwardWallet and check it daily. I have yet to experience fraud, but it's a great way to see if there has been any account activity.
I have my accounts on AwardWallet and check it daily. I have yet to experience fraud, but it's a great way to see if there has been any account activity.
#4
Join Date: Jan 2008
Location: Plum Nelly
Programs: Marriott Bonvoy, Delta Sky Miles, and S&H Green Stamps
Posts: 636
#5
Join Date: Apr 2010
Location: Dallas
Programs: AA Gold; WN A-List Pref., CP; Marriott Plat.
Posts: 341
Here you go!
http://lmgtfy.com/?q=Award+Wallet
Sorry Old Hickory ... couldn't resist.
Best of luck to OP on the quick return of the missing points!
http://lmgtfy.com/?q=Award+Wallet
Sorry Old Hickory ... couldn't resist.
Best of luck to OP on the quick return of the missing points!
#6
Community Director Emerita
Join Date: Oct 2000
Location: Anywhere warm
Posts: 33,747
I love this tool:
www.awardwallet.com
I track the miles and points for both my husband and myself with one click. Here's a thread for any specific questions you might have about it:
http://www.flyertalk.com/forum/trave...ral-codes.html
The one program it does not support is American Airlines. AA forced AwardWallet to take down their program, which I think is a great shame. Thus, I don't get it checked daily, and fraud could go undetected for some time.
www.awardwallet.com
I track the miles and points for both my husband and myself with one click. Here's a thread for any specific questions you might have about it:
http://www.flyertalk.com/forum/trave...ral-codes.html
The one program it does not support is American Airlines. AA forced AwardWallet to take down their program, which I think is a great shame. Thus, I don't get it checked daily, and fraud could go undetected for some time.
#7
A FlyerTalk Posting Legend
Join Date: Aug 2002
Programs: UALifetimePremierGold, Marriott LifetimeTitanium
Posts: 71,110
Well I changed passwords on dif accounts after hearing about the Linkedin scenario, but didn't think about the the hotels & airlines passwords (which is weird, given I did remember them when my Skype account was hacked).
Sorry to hear about the OP's situation - BUT GREATLY APPRECIATE THE HEADS UP.
Cheers.
Sorry to hear about the OP's situation - BUT GREATLY APPRECIATE THE HEADS UP.
Cheers.
#8
Join Date: Apr 2007
Programs: BAEC Silver, WN CP, Marriott Gold
Posts: 424
I don't know if Yahoo offers a similar feature, but I turned on 2-factor authentication with Google recently and sleep much more soundly knowing that it would be extremely difficult for someone to compromise both my Gmail password (fairly easy with keyloggers/public computers) _AND_ my security code(s). There's an App that turns your smartphone into the keyfob, like the VPN keys that many companies give out - then the first time you login at a new computer, you have to enter both the PW and the code from your phone.
For more information, see the following Google Support topic: http://support.google.com/accounts/b...3945&ctx=topic
For more information, see the following Google Support topic: http://support.google.com/accounts/b...3945&ctx=topic
#9
Join Date: Aug 2003
Location: Mesilla, NM
Programs: DL DM 4.7 MM MQM Marriott Ambassador Lifetime Titanium AA CK
Posts: 2,714
I highly recommend www.keepass.com for password management.
#10
Ambassador: Emirates Airlines
Join Date: Sep 2004
Location: Manchester, UK
Posts: 18,616
Although I use AwardWallet myself, it's a bit of a risk giving them your passwords. If they get hacked, all your accounts are open
#11
In memoriam
Join Date: Jan 2006
Location: ORD & BKK
Programs: UA 1K/MM; *A Gold Life; CX Gold; Marriott Platinum LT; SPG Plat; HHonors Diamond
Posts: 343
Hopefully a Solution
I also just changed my password as a result, but I also simply cancelled my Linkedin account. I have been a member for several years with about 150 links and have never seen the least bit of value in Linkedin. Never get a message from anyone--why bother with the exposure.
I am also very suspicious of any other social network such as Facebook and think that I will cancel it as well. Facebook is a huge target and will get hacked big time sooner or later. Most of the stuff posted there is simply nonesense, like photos of my friends' toddlers, graduation and prom photos, where someone went to lunch today, motivational and feel good stuff and stupid political stuff. I just don't need all this inane clutter in my life.
Before I get flamed I know that any web site can be a target, but I simply want to limit my exposure.
I am also very suspicious of any other social network such as Facebook and think that I will cancel it as well. Facebook is a huge target and will get hacked big time sooner or later. Most of the stuff posted there is simply nonesense, like photos of my friends' toddlers, graduation and prom photos, where someone went to lunch today, motivational and feel good stuff and stupid political stuff. I just don't need all this inane clutter in my life.
Before I get flamed I know that any web site can be a target, but I simply want to limit my exposure.
#12
Join Date: Mar 2012
Posts: 12
The best thing is to not use the same password for any site/system, a pain for sure, but password reuse is something the bad guys rely on.
#13
Join Date: Jul 2010
Posts: 343
For some reason, I check my account regularly. I checked it today and noticed that I was missing 375,000 points. Logged in and saw that there were three separate point transactions for airline miles - each for 125,000 points. This was done yesterday.
Immediately called Marriott Rewards. Was on hold/the phone for about 45 minutes. I have to file a police report, fill out a required form (notarized), and send a copy of my drivers license in order to get the points back. Fortunately, it was caught in time to get the points back and for them to stop the transfer of the airline miles.
The first thing I tried to do was to change my password and noticed that someone had gone in and changed my email address as well. They changed it to my name @yahoo.com.
This is scary stuff. Just a reminder for everyone else to check their accounts....
Immediately called Marriott Rewards. Was on hold/the phone for about 45 minutes. I have to file a police report, fill out a required form (notarized), and send a copy of my drivers license in order to get the points back. Fortunately, it was caught in time to get the points back and for them to stop the transfer of the airline miles.
The first thing I tried to do was to change my password and noticed that someone had gone in and changed my email address as well. They changed it to my name @yahoo.com.
This is scary stuff. Just a reminder for everyone else to check their accounts....
#14
Join Date: Mar 2012
Location: ATL
Posts: 347
I was notified of this breach around 3 today and went in to change all of my accounts passwords
#15
Join Date: Sep 2006
Location: Cumbria
Programs: BA, Marriott, Hertz, Dennis The Menace Fan Club
Posts: 2,015
Surely they can work out who the recipient of the miles is/was and find them?