Go Back  FlyerTalk Forums > Miles&Points > Airlines and Mileage Programs > United Airlines | MileagePlus
Reload this Page >

UA sent me another person's receipt or travel info / sent my info to wrong email

UA sent me another person's receipt or travel info / sent my info to wrong email

Old Dec 28, 2008, 4:06 pm
  #1  
Moderator: United Airlines
Original Poster
 
Join Date: Jun 2007
Location: SFO
Programs: UA Plat 1.99MM, Hyatt Discoverist, Marriott Plat/LT Gold, Hilton Silver, IHG Plat
Posts: 66,580
UA sent me another person's receipt or travel info / sent my info to wrong email


Received an email from United for a DSM-ORD-PWM trip, 3 persons for tommorrow. Only problem, it is not mine and I do not know the people.

Unlikely they have any e-mail similiar to mine -- names very different. Appears this was booked last month and they have not MP number.

Very odd, any ideas how this happens?
I don't see a need to do anything, correct??
WineCountryUA is offline  
Old Dec 28, 2008, 4:16 pm
  #2  
 
Join Date: Jul 2008
Location: BDL
Programs: AA PLT, UA 1K (2k), Hyatt Diamond, SPG Platinum, HHonors Gold
Posts: 683
^^^ Never heard this case before. I'd probably just call and get it straightened up.
futureacnp is offline  
Old Dec 28, 2008, 4:34 pm
  #3  
 
Join Date: Jul 2007
Location: Expat in SIN
Programs: UA Plat, TK Gold, *G
Posts: 1,452
Sure, you can call them!

However, I don't get how some people still don't take advantage of FF programs.

Might not have enough for an upgrade or free flighs, but surely enough for a magazine.
bsb21 is offline  
Old Dec 28, 2008, 4:56 pm
  #4  
 
Join Date: Dec 2004
Location: BUR/LAX
Programs: UA 1K/2MM, HHonors Diamond, IHG Diamond Elite
Posts: 2,504
I bet if you call, they'll just tell you to erase the email.
wilp888 is offline  
Old Dec 28, 2008, 5:59 pm
  #5  
 
Join Date: Jul 2008
Location: BDL
Programs: AA PLT, UA 1K (2k), Hyatt Diamond, SPG Platinum, HHonors Gold
Posts: 683
I'm still trying to rule out possibilities as to why the OP could receive a totally random email like that.
futureacnp is offline  
Old Dec 28, 2008, 6:13 pm
  #6  
Moderator Hilton Honors, Travel News, West, The Suggestion Box, Smoking Lounge & DiningBuzz
 
Join Date: Jun 2000
Programs: Honors Diamond, Hertz Presidents Circle, National Exec Elite
Posts: 35,996
In the last 10 years, it happened to me once with UA and once with Hilton.
cblaisd is offline  
Old Jun 22, 2011, 7:53 pm
  #7  
 
Join Date: Oct 2008
Location: COS
Posts: 253
UA showing someone else's information

I was trying to check-in for a united flight about six weeks ago, and when I tried, and there's the screen for passport information it was already populated...with some other guy's information. I could see his full name, last three digits of passport number, passport expiration, etc. I went to the airport (COS) and the same thing happened at the kiosk. I flagged it to a member of staff who said not to worry about it. I made a mental note to report it to united, but forgot.

Then it happened again earlier this month. I was pretty hot about it, and fired off an email to the 1k mailbox, and copied Jeff Smisek. I asked for four things: to know whether my personal information had been compromised like the other guy; that the other guy be notified; that the situation be rectified asap; and an apology.

Within an hour, I had a call from a guy in IT who said that the security group had never seen anything like that before and they would try to figure out how it happened. The next day I had a call from someone else, who didn't know about the call I'd already had. She said that it was a brand new issue, and it was because of a continental itinerary associated with my MP account. Couple of days later I got a call from yet another person, who didn't know about the other calls. She said that it was a known issue, and it was because of a continental itinerary blah blah blah.

At this point, I don't have a lot of faith in anything they're doing or telling me. For a start, I've had a number of permutations. Also, the last time I flew continental was in January, to ARN via AMS (or maybe FRA). So if it's a new issue, the cause can't be the continental flight, clearly.

The one thing that did work was that they deleted the other guy's information from my profile.

Finally, I got an email from united offering me a $200 goodwill certificate, valid only for domestic travel within the U.S. (and so, given my personal circumstances and travel preferences, completely useless for me). I responded, copied Smisek again and said that it was a lousy offer of goodwill for a potentially massive security breach involving my personal sensitive data. No response.

Thought I'd share it here, for your interest. And you might want to check who's passport information is saved in your MP profile...

Last edited by iluv2fly; Jun 22, 2011 at 8:08 pm Reason: personal information
benblaney is offline  
Old Jun 22, 2011, 8:00 pm
  #8  
 
Join Date: Feb 2011
Programs: CO Platinum / BA Gold
Posts: 780
If you enter your MP number into a *A itinerary that includes UA flights, the UA flights show up on UA.com when you log in.

(I know this because I used my MP number for a Expedia-sold BMI-stock AC-codeshare UA/AC-metal itinerary and it showed up on UA.com with no other action on my part.)

So, if someone messed up and put in your MP number rather than theirs, you would see their reservation including any associated passenger details.
rruaco is offline  
Old Jun 23, 2011, 9:58 am
  #9  
Moderator: Smoking Lounge; FlyerTalk Evangelist
 
Join Date: Feb 2004
Location: SFO
Programs: Lifetime (for now) Gold MM, HH Gold, Giving Tootsie Pops to UA employees, & a retired hockey goalie
Posts: 28,867
I had a "release" of someone else's information where I was e-mailed their itinerary (and I had all their personal information [mp#, phone, pp# and etc]) but in my case, it was because the rep I spoke with did not clear their screen after I called and my e-mail address was still populated. I called and the new rep simply removed my e-mail address and added the correct information. I can see the error happening but still not good.
goalie is offline  
Old Jun 23, 2011, 10:18 am
  #10  
 
Join Date: Jul 2010
Location: LAX
Programs: DL-PM | UA-1K | HH-Gold
Posts: 938
Yet another example of the wonderful rabbit-hole that is UA IT. A number of times I've gone to check-in at an airport and had an issue with the kisok to find out from the agent that "your name does not match the MP# on the ticket?!" and then realize that UA's system has somehow attached my girlfriends MP# (which is in a companion profile) to my itinerary. 9 times out of 10 when I get "prepare for your upcoming trip" e-mails it shows my name/reservation (and even my name in the "hello ORD-LIH" e-mail text) but somehow her MP#. If I look at the e-ticket it's my MP#. In all my questions of how this happens the response is always "we have no idea".

Good clean fun. I hope all these fare increases can drive some cap-ex to better systems.

Last edited by ORD-LIH; Jun 23, 2011 at 10:25 am
ORD-LIH is offline  
Old Jun 23, 2011, 10:24 am
  #11  
 
Join Date: Apr 2008
Posts: 2,358
Originally Posted by benblaney

I was trying to check-in for a united flight about six weeks ago, and when I tried, and there's the screen for passport information it was already populated...with some other guy's information. I could see his full name, last three digits of passport number, passport expiration, etc.

Then it happened again earlier this month. I was pretty hot about it, and fired off an email to the 1k mailbox, and copied Jeff Smisek. I asked for four things: to know whether my personal information had been compromised like the other guy; that the other guy be notified; that the situation be rectified asap; and an apology.
Although this information should not have been shown in your account, what harm was done by seeing someones' name and the last three digits and expiration date of the passport? This little bit of information is not a basis for identity theft. The date of birth is missing as well as other identifying data. There is no city listed -

I am not clear why you would ask United for an apology over this minor error.

Originally Posted by benblaney

Finally, I got an email from united offering me a $200 goodwill certificate, valid only for domestic travel within the U.S. (and so, given my personal circumstances and travel preferences, completely useless for me). I responded, copied Smisek again and said that it was a lousy offer of goodwill for a potentially massive security breach involving my personal sensitive data.
I am also not clear why you would expect compensation over this error even though you classified the error as "potentially massive security breach involving my personal sensitive data" at the same time you have no knowledge that your name appeared in another passengers' account.

In the end, the situation is merely one more (of many) computer problems with United.com, not some "potentially massive security breach."
-
dgcpaphd is offline  
Old Jun 23, 2011, 10:42 am
  #12  
 
Join Date: Nov 2007
Location: Washington DC
Programs: Former 1k, Lifetime UA Gold, Starwood Gold; Avis Preferred; Hertz Gold
Posts: 1,728
Originally Posted by benblaney
I was trying to check-in for a united flight about six weeks ago, and when I tried, and there's the screen for passport information it was already populated...with some other guy's information. I could see his full name, last three digits of passport number, passport expiration, etc. I went to the airport (COS) and the same thing happened at the kiosk. I flagged it to a member of staff who said not to worry about it. I made a mental note to report it to united, but forgot.

Then it happened again earlier this month. I was pretty hot about it, and fired off an email to the 1k mailbox, and copied Jeff Smisek. I asked for four things: to know whether my personal information had been compromised like the other guy; that the other guy be notified; that the situation be rectified asap; and an apology.

Within an hour, I had a call from a guy in IT who said that the security group had never seen anything like that before and they would try to figure out how it happened. The next day I had a call from someone else, who didn't know about the call I'd already had. She said that it was a brand new issue, and it was because of a continental itinerary associated with my MP account. Couple of days later I got a call from yet another person, who didn't know about the other calls. She said that it was a known issue, and it was because of a continental itinerary blah blah blah.

At this point, I don't have a lot of faith in anything they're doing or telling me. For a start, I've had a number of permutations. Also, the last time I flew continental was in January, to ARN via AMS (or maybe FRA). So if it's a new issue, the cause can't be the continental flight, clearly.

The one thing that did work was that they deleted the other guy's information from my profile.

Finally, I got an email from united offering me a $200 goodwill certificate, valid only for domestic travel within the U.S. (and so, given my personal circumstances and travel preferences, completely useless for me). I responded, copied Smisek again and said that it was a lousy offer of goodwill for a potentially massive security breach involving my personal sensitive data. No response.

Thought I'd share it here, for your interest. And you might want to check who's passport information is saved in your MP profile...
I had something like this happen a week ago. Was using a public hotel computer. What I couldn't figure out was that .BOMB showed my name and FF info, but when I tried to check in it showed someone elses name and a completely different flight. Logged out and then back in and it was gone. Really very strange and disturbing.
DCEsquire is offline  
Old Jun 23, 2011, 12:13 pm
  #13  
 
Join Date: Oct 2008
Location: COS
Posts: 253
Originally Posted by dgcpaphd
In the end, the situation is merely one more (of many) computer problems with United.com, not some "potentially massive security breach."
-
1. A fractional breach is a breach. No question.

2. Any competent IT Manager would have systems in place to prevent these types of fractional breaches.

3. I prefer my personal information to be treated with the highest standard of care. How odd that you seemingly don't.

4. I don't actually care about any compensation. I didn't ask for any, but they offered. And what they offered was lame (they gave me 9000 MP miles I didn't ask for a couple of months ago, just for missing one connection). I would have been happier had they offered nothing but an apology.
benblaney is offline  
Old Jun 23, 2011, 1:09 pm
  #14  
 
Join Date: Dec 2007
Location: Las Vegas
Programs: DL Platinum, AA Lifetime Gold, Hilton Diamond, Marriott Platinum, Radisson Premium
Posts: 6,635
I've had this issue too once or twice when logging into MP and once or twice from an AA email. Airlines really need to work out these IT issues-privacy breaches are serious biz.
demkr is offline  
Old Jun 23, 2011, 9:18 pm
  #15  
 
Join Date: Aug 2007
Location: NoCal
Programs: UA 1K 2.7MM
Posts: 232
I love the apologists who post on this forum. If you can't understand why this is a significant data breach than please don't clutter up this forum with your comments. OP is correct on every count, and the fact that each time a UA IT person sees this issue (and isn't able to know who else has) and calls, shows that the UA IT also understands this is a significant data breach. Thanks to OP for not letting this *minor* [loud laughter] breach go unnoticed.

Originally Posted by dgcpaphd
Although this information should not have been shown in your account, what harm was done by seeing someones' name and the last three digits and expiration date of the passport? This little bit of information is not a basis for identity theft. The date of birth is missing as well as other identifying data. There is no city listed -

I am not clear why you would ask United for an apology over this minor error.



I am also not clear why you would expect compensation over this error even though you classified the error as "potentially massive security breach involving my personal sensitive data" at the same time you have no knowledge that your name appeared in another passengers' account.

In the end, the situation is merely one more (of many) computer problems with United.com, not some "potentially massive security breach."
-
ual1960 is offline  

Thread Tools
Search this Thread

Contact Us - Manage Preferences - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service -

This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.