Last edit by: WineCountryUA
This thread to follow reports of MP accounts that actually have been hacked / improperly accessed. If you have missing miles and beleive you have been hacked, contact [email protected]
In Suspended MP Accounts / Third Party Vendor "Security Breach?" - Dec 2014 there is discussion of a security breach of a 3rd party that UA seems to believe may lead to inappropriate access to UA accounts via the username method of logging into united.com. Let's follow the breach and log-in changes in the above thread.
A separate(?) "access denied" issue is covered in Consolidated " Is united.com or parts of it Down?" thread
In Suspended MP Accounts / Third Party Vendor "Security Breach?" - Dec 2014 there is discussion of a security breach of a 3rd party that UA seems to believe may lead to inappropriate access to UA accounts via the username method of logging into united.com. Let's follow the breach and log-in changes in the above thread.
A separate(?) "access denied" issue is covered in Consolidated " Is united.com or parts of it Down?" thread
UA Account Hacked / Reports of Fraudulent Award Travel Redemption
#121
Moderator: United Airlines
Join Date: Jun 2007
Location: SFO
Programs: UA Plat 1.995MM, Hyatt Discoverist, Marriott Plat/LT Gold, Hilton Silver, IHG Plat
Posts: 66,857
And file a police report but I suspect the response for the police will underwhelm you. They have bigger issues (small dollar, non-violent crime -- but there is likely a computer crime department).
#122
Join Date: Nov 2010
Location: NYC
Programs: AA EXP, Hilton GLD, Marriott Plat, NEXUS/GE
Posts: 2,872
Checking IDs against boarding passes is there to protect revenue for the airlines (by keeping you from easily reselling your nonrefundable tickets to someone else).
#123
Join Date: Dec 2009
Location: COS
Programs: UA Gold/1.5MM (several years running now!), Marriott LTTE, Hertz Prez
Posts: 1,899
I don't follow the agent's logic here? If he/she feels this person must be so close to you, then why not identify them to you?? It's your account and should be able to verify the details of any transaction against it.
Has this moron never heard of keystroke loggers? And how many of us have found ourselves, at one time or another, needing to use a public use computer for which we have no control over the security measures taken (or not) to check or change something with an itinerary? Just truly absurd. I acknowledge the paradox here, but one truly hopes that karma visits a digital compromise on this individual resulting in irrevocable loss and suffering.
Has this moron never heard of keystroke loggers? And how many of us have found ourselves, at one time or another, needing to use a public use computer for which we have no control over the security measures taken (or not) to check or change something with an itinerary? Just truly absurd. I acknowledge the paradox here, but one truly hopes that karma visits a digital compromise on this individual resulting in irrevocable loss and suffering.
#124
A FlyerTalk Posting Legend
Join Date: Apr 2013
Location: PHX
Programs: AS 75K; UA 1MM; Hyatt Globalist; Marriott LTP; Hilton Diamond (Aspire)
Posts: 56,467
I don't follow the agent's logic here? If he/she feels this person must be so close to you, then why not identify them to you?? It's your account and should be able to verify the details of any transaction against it.
Has this moron never heard of keystroke loggers? And how many of us have found ourselves, at one time or another, needing to use a public use computer for which we have no control over the security measures taken (or not) to check or change something with an itinerary? Just truly absurd. I acknowledge the paradox here, but one truly hopes that karma visits a digital compromise on this individual resulting in irrevocable loss and suffering.
Has this moron never heard of keystroke loggers? And how many of us have found ourselves, at one time or another, needing to use a public use computer for which we have no control over the security measures taken (or not) to check or change something with an itinerary? Just truly absurd. I acknowledge the paradox here, but one truly hopes that karma visits a digital compromise on this individual resulting in irrevocable loss and suffering.
By contrast, I recently had unauthorized activity in my Amazon account. I called, and they GOT IT immediately. I could not be more satisfied with how quickly and effectively Amazon responded.
#125
Join Date: Jan 2009
Location: TUL
Programs: AA EXP 2MM; Marriott Titanium; Hilton Diamond; Hyatt Explorist; Vistana 5* Elite; Nat'l Exec Elite
Posts: 6,177
This is the same reaction that customers initially got when they reported unauthorized cancellations of their CA itineraries - UA customer service refused to believe the activity was unauthorized and refused to do anything. It is to me a horrible indictment of UA's customer service that when presented with an instance of unauthorized account activity, their consistent first reaction is to blame the customer.
#126
Join Date: Aug 2004
Location: San Juan Capistrano, CA
Programs: UA Premier Gold (1MM), AS MVP
Posts: 989
To the OP, sorry to hear it happened. Of course I would go after it, afterall, you are out the miles, which I imagine for even a relatively (?) short flight, at standard award level, is not small change. I would not put up with the implication that you did it. I have been accused of cancelling a reservation (I forget all the circumstances exactly) online by UA in the last year, and their only point to stand on was that if it was "cancelled online", by their logic it MUST have been done by me. For all the reasons mentioned above, that is faulty logic.
#127
Join Date: Mar 2001
Location: IAH
Programs: UA 1K/*G
Posts: 2,397
Could UA allege fraud and charge the full fare to that card?
#128
Join Date: May 2009
Location: Washington, DC
Programs: UA 1K 1MM, AA, DL
Posts: 7,418
Depart:
15:27
Fri., Jun. 6, 2014
Kosrae, Federated State of Micronesia (KSA)
Arrive:
02:50
Fri., Jun. 6, 2014
Honolulu, HI (HNL)
Flight Time:
8 hr 23 mn
Travel Time:
8 hr 23 mn
Flight: UA155
Aircraft: Boeing 737-800
Meal: Dinner
No Special Meal Offered.
See On-Time Performance
View Seats
2 Stops. Time on the ground in Kwajalein, Marshall Islands (KWA) is 39 minutes. Time on the ground in Majuro, Marshall Islands (MAJ) is 48 minutes.
#129
Join Date: Mar 2001
Location: IAH
Programs: UA 1K/*G
Posts: 2,397
#130
Join Date: Jan 2014
Location: NYC
Programs: UA 1K, GE/Nexus, Marriott Gold
Posts: 266
OP, IMHO, the jurisdiction here belongs to the FBI. (You are also likely to get more traction from them than from the local police department.) Internet Crime Complaint Center (IC3) has a site for such complaints at:
http://www.ic3.gov/complaint/default.aspx
Also, I would call and tell UA that you are reporting this to the FBI; their reaction is likely to be somewhat less dismissive, especially if you escalate.
Also, changing your current PIN, email address and CC - basically everything associated with you UA account - is probably an excellent idea.
Finally, if you know a local journalist...
http://www.ic3.gov/complaint/default.aspx
Also, I would call and tell UA that you are reporting this to the FBI; their reaction is likely to be somewhat less dismissive, especially if you escalate.
Also, changing your current PIN, email address and CC - basically everything associated with you UA account - is probably an excellent idea.
Finally, if you know a local journalist...
#131
Join Date: Oct 2009
Location: SNA
Programs: UA 1MM, Global Entry, Avis President's Club
Posts: 274
I think that the logic in filing a police report is that it will hopefully convey to the Fraud Department at UA that this is in fact a real problem, and not a situation as originally claimed by the customer service agent that someone close to the OP took the trip.
By filing the police report and then providing that report number to UA, the OP is telling UA that this is a serious matter (to the OP) and that they would like UA to also take it seriously.
I don't believe that anyone here actually believes that any police department in any jurisdiction would take this single case on its own seriously and actually do anything. But it might help the OP in making the case to UA that this is for real and not some sort of goof on the OP's part (or anyone close to him/her).
By filing the police report and then providing that report number to UA, the OP is telling UA that this is a serious matter (to the OP) and that they would like UA to also take it seriously.
I don't believe that anyone here actually believes that any police department in any jurisdiction would take this single case on its own seriously and actually do anything. But it might help the OP in making the case to UA that this is for real and not some sort of goof on the OP's part (or anyone close to him/her).
#132
Join Date: Apr 2013
Location: NYC/WAS
Programs: UA GS, AA EXP, DL '90s PM, now FK (Flying Kettle)
Posts: 541
And the use of a third-party credit card (MP account in one name, flyer another name, credit card third name, conf e-mail not sent to address currently on account) somehow fails to indicate fraud?
#133
FlyerTalk Evangelist
Join Date: Mar 2012
Posts: 19,508