Any update from the OP on this? I had a similar issue that I discovered last week and have had difficulty getting any feedback from United on whether they're even investigating or have any information.

Thanks - just did that.

Same here.

Not true. I've never had a pin, always use a password & the tickets do ticket when booking online.

Cheers.

My United Account was Hacked.
 

Thanks to the United Airlines Corp Security department, I learned last night and this morning that there had been suspicious actiivity on my account. I was hacked. someone flew from algeria to istanbul on my miles. that same person made hotel reservations ala ME. I'm also informed that someone tried to cash out my miles into Amazon Gift cards. I didn't even know you could do that. I feel awful and freaked out. Any tips or pointers?

Here's my blog post - http://first2board.com/willrunformil...t-compromised/

if you need me, I'm busy changing passwords....

The password hardly matters when you have to have a PIN, the PIN is less secure, and you can login with the PIN.

Also blog spam :td:

Seems a little odd that OP has a blog post on it and instructions about changing passwords on UA, then comes here to post, then goes about changing passwords.
Also, how does a blogger with ads and a CC signup link not know that you can redeem miles for merchandise items....like gift cards?

ok--so OP sent me a pretty direct and rude PM about me+others here not having empathy. This isn't the case. I have empathy about the theft situation, but as OP of the thread might have now noticed, this isn't the first time this type of situation has happened. Also, instead of losing all her miles, OP's account was apparently flagged by UA and damage was minimal. Also, as others and myself have noted, OP has a month old blog (complete with CC signup!) and it comes across as blog spam. Maybe OP really thought she had something earth shattering to share (though why not post details here and not just on the blog?) but a quick writeup and then link to the blog really came across as a half-assed attempt at driving blog traffic here.

Forced Philanthropy - multiple transactions from my account to Make-a-Wish
 

Well, as noble a cause as it might be, UA decided this week to donate to Make-a-Wish 3 separate times out of my MileagePlus account. Only thing is, I didn't actually approve those donations!! Maybe it's a subtle hint to shame me into donating miles??

Called an agent who informed me that "me or someone with access to my account made those donations". Given that nobody except me should have access, and I didn't do it, I'm going with either system glitch or security problem.

Agent escalated to "Corporate Security" who is supposed to get back to me in 2-3 days. Place your bets now on whether I ever see these miles again...

hopefully united had the integrity to match your donation.

Could this possibly be related somehow to these issues?

http://www.flyertalk.com/forum/unite...ed-hacked.html

The agent's reply sounds that way...

A few small transactions are usually the way a criminal checks whether an account is being monitored. If there is no reaction for a while (e.g. changed password) then they will try for something much larger and hope to get away with it.

OP, hope you've changed your MP password/PIN...

Heartbleed?
 

Wonder if this is related to Heartbleed?

Wow, what is happening? Just changed my password. First time since I signed up for OnePass.

This must be the buzzword of the week.

100% but you will probably be required to sign a fraud declaration and / or police report.

This is just weird.

Nope.

It's the new "it must be the Russians"...

http://en.wikipedia.org/wiki/Availability_heuristic