Go Back  FlyerTalk Forums > Miles&Points > Airlines and Mileage Programs > United Airlines | MileagePlus
Reload this Page >

2014 UA Issued Awards on Air China (CA) Are Mysteriously Being Canceled (Hacked?)

Old Apr 21, 2014, 11:37 am
FlyerTalk Forums Expert How-Tos and Guides
Last edit by: Pat89339
A number of folks with award flights booked on CA (Air China) found their reservations cancelled. The only notification of cancellation appears to be an email in from UA written in chinese. UA reps confirmed that cancellations were made online and CA award space was no longer available. UA can rebook on other flights when award space is available.

It is plausible that a third party with access to PNR and pax name on the flight can fraudulently cancel an existing itinerary and book the reopened award seat.

Affected FlyerTalk members with links to where in this discussion they posted their experiences include:
  1. MikeMpls
  2. nihaoa
  3. lewende Reported 4 friends with this issue
  4. ordbkk
  5. twebst
  6. kb1992
  7. litesleeper
  8. zombietooth
  9. critten Reported 2/3 confirmations (3 people CA Business class) cancelled at the same time
  10. skyvanman Also 1 friend with the issue
  11. chris1234
  12. atiger29
  13. bubble o bill
  14. genemk2
  15. jefftiger
  16. CuddlyFlyer
  17. gpeso8
  18. imm2b
  19. acf1270
  20. dgxoxo
  21. ACM two passengers
Originally Posted by ordbkk
It seems everybody wants to see the message.. here was mine:
united.com 通知 - 航班预订取消
2014年4月17日 (星期四)
united.com | 优惠促销 | 预订 | 赢取前程万里 (MileagePlus) 奖励里程 | 我的帐户

先生 ORDBKK
您的预订 MYRES123 已取消,我们已收到您的退款申请。申请信用卡退款需 7 个工作日。如果信用卡退款未在一个付款周期内寄出,请联系信用卡公司。对于包括现金退款在内的 所有其他形式 的付款,需要 20 个工作日。

如需详细信息或查看退款的状态,请访问 united.com 并提供您的机票号码。

感谢您使用 united.com

电子邮件信息
请不要使用回复地址回复此邮件。
此电子邮件中的信息仅供原接收人使用。
如果您遇到技术问题,请通过电子邮件或电话联系 united.com 服务支持。
通知:机票取消确认
电子邮件地址: ORDBKK@MYEMAIL

Originally Posted by ordbkk View Post
For tracking purposes, I went through the 27 pages of this thread and compiled a list of those affected:

MikeMpls
nihaoa
lewende (reported 4 friends with this issue)
ordbkk
twebst
kb1992
litesleeper
zombietooth
critten
skyvanman (also 1 friend with the issue)
jefftiger (but, happened during October 2013)

So we're at 13 people affected, although some like critten have had multiple trips canceled.
From what I understand, all of these occurred in the last 3 weeks.
Print Wikipost

2014 UA Issued Awards on Air China (CA) Are Mysteriously Being Canceled (Hacked?)

Old Apr 22, 2014, 9:27 am
  #496  
 
Join Date: Mar 2003
Posts: 1,232
ALL of those effected need to :
1. Send an email to Smisek, Compton, O''Toole
2. Copy all correspondence to Scott McCartney at WSJ, Christopher Elliot at Elliot.org, Ben Mutzabaugh at USA Today , and the Conde Nast Ombudsmen department
3.Send a complaint to the DOT - they may not be able to help but need to be aware of the situation , especially if this is a major hack or lack of security

Just my 2 cents
Mister Nice is offline  
Old Apr 22, 2014, 11:00 am
  #497  
FlyerTalk Evangelist
 
Join Date: Dec 2007
Location: BOS/ORH
Programs: AS 75K
Posts: 18,323
Originally Posted by UA_Flyer
Mine three F award tickets are still effective, although the travel date is over 2 months from now.

Fingers crossed it won't happed to me.
Im watching mine very closely. Sure hope nothing happens, well at least until i get to my final destination as i already have a backup return award on hold using my AS miles.

Originally Posted by IAHUArunner
is there anything you can do to prevent ? Sending an Email to UA customer service Expressing that you DO NOT WANT THIS reservation TO CANCEL and you DO NOT WANT A REFUND. Copy this WIKI page as the reason for your request.
I'm questioning the same if there is someting i need to do to indicate to UA that i have no plans on making any changes to my reservation?
CDKing is offline  
Old Apr 22, 2014, 11:22 am
  #498  
FlyerTalk Evangelist
 
Join Date: Mar 2010
Location: DAY
Programs: UA 1K 1MM; Marriott LT Titanium; Amex MR; Chase UR; Hertz PC; Global Entry
Posts: 10,137
Originally Posted by critten
Just an update: I have sent requested documents to UA Insider after a response! Finally! Lets hope the staff can get the ball rolling to prevent future cancellations
Good to hear UA is engaging. Thanks for the update.

Fingers crossed for everyone.

(I contemplated reserving a CA leg for an upcoming trip, but went with ANA instead. Seems I chose wisely...for once.)
goodeats21 is online now  
Old Apr 22, 2014, 12:13 pm
  #499  
 
Join Date: Mar 2013
Location: India, & Great State of TEXAS
Programs: AA EX-Plat ** , UA 1K, IHG platinum
Posts: 102
Originally Posted by CDKing
Im watching mine very closely. Sure hope nothing happens,

I'm questioning the same if there is someting i need to do to indicate to UA that i have no plans on making any changes to my reservation?
I am not sure how they document telephone CS interactions, But you will at least have it well documented incase . You cannot plan these trips and then hope your reservation stays good till your day of travel. UA should have a system in place at least to stop any more of these hacks by now. why cant they block electronic cancellations of any reservations that have a CA leg or CA confirmation numbers?

Last edited by IAHUArunner; Apr 22, 2014 at 12:15 pm Reason: typo
IAHUArunner is offline  
Old Apr 22, 2014, 3:30 pm
  #500  
FlyerTalk Evangelist
 
Join Date: Mar 2012
Posts: 19,395
Originally Posted by Mister Nice
ALL of those effected need to :
1. Send an email to Smisek, Compton, O''Toole
2. Copy all correspondence to Scott McCartney at WSJ, Christopher Elliot at Elliot.org, Ben Mutzabaugh at USA Today , and the Conde Nast Ombudsmen department
3.Send a complaint to the DOT - they may not be able to help but need to be aware of the situation , especially if this is a major hack or lack of security

Just my 2 cents
If I were affected by this (thankfully, I'm not) I would additionally, given the lack of responsiveness from the airline(s) involved, contact my senators and congress critter as well as the U.S. Secretaries of Transportation, Homeland Security, and Commerce. DHS because the ability to manipulate PNRs so cavalierly has obvious security implications and Commerce because the fraudulent activity is taking place via the Internet. Perhaps a full broadside might get United's attention?
kale73 is offline  
Old Apr 22, 2014, 3:32 pm
  #501  
Suspended
 
Join Date: May 2011
Location: SFO
Programs: UA 1K
Posts: 1,961
Originally Posted by kale73
the ability to manipulate PNRs so cavalierly has obvious security implications
Like what? Terrorists are going to cancel millions of flight reservations to wreak havoc?
DaviddesJ is offline  
Old Apr 22, 2014, 3:52 pm
  #502  
 
Join Date: Dec 2013
Posts: 163
Originally Posted by mgcsinc

Sadly, no breach of contract claim because it's (probably) preempted by federal law, and specific performance is an unlikely extraordinary remedy.
It's my understanding that the ADA does not preclude a breach of contract claim.
Daveyb101 is offline  
Old Apr 22, 2014, 4:03 pm
  #503  
 
Join Date: Oct 2012
Location: Chicago
Programs: UA 1k
Posts: 83
Originally Posted by kale73
If I were affected by this (thankfully, I'm not) I would additionally, given the lack of responsiveness from the airline(s) involved, contact my senators and congress critter as well as the U.S. Secretaries of Transportation, Homeland Security, and Commerce. DHS because the ability to manipulate PNRs so cavalierly has obvious security implications and Commerce because the fraudulent activity is taking place via the Internet. Perhaps a full broadside might get United's attention?
FYI, United has begun reaching out to those affected. I was told they are investigating and I've provided them with the details of my reservation. Let's give them some time to research what's happening and hope for swift resolution.
ordbkk is offline  
Old Apr 22, 2014, 5:15 pm
  #504  
Moderator: Mileage Run, United Airlines; FlyerTalk Evangelist
 
Join Date: Jan 2004
Location: The City/Honolulu
Programs: UA 3MM; Hyatt Glob*****; Hilton Diamond
Posts: 14,472
Originally Posted by ordbkk
FYI, United has begun reaching out to those affected. I was told they are investigating and I've provided them with the details of my reservation. Let's give them some time to research what's happening and hope for swift resolution.
Since the first post on this matter was on March 31st, don't you think they should have been researching this already? I am, frankly, appalled that it has taken them this long to reach out to those affected.
Pat89339 is offline  
Old Apr 22, 2014, 5:40 pm
  #505  
 
Join Date: Apr 2014
Posts: 13
Originally Posted by goodeats21
Good to hear UA is engaging. Thanks for the update.

Fingers crossed for everyone.

(I contemplated reserving a CA leg for an upcoming trip, but went with ANA instead. Seems I chose wisely...for once.)
UA has engaged with me as well...they have formed a team to work this...hoping for a good outcome. Fingers appropriately crossed!
litesleeper is offline  
Old Apr 22, 2014, 5:45 pm
  #506  
 
Join Date: Jan 2010
Location: Aussie in ORD
Programs: Marriott Plat, Ua Gold, GE.. Sucker for punishment
Posts: 4,237
All I can say is that anyone who doubts the value of FT in this is kidding them selves! I have watched this thread with interest and have no doubt it has played a major role..
(Gratefully unaffected!)
cyclogenesis is offline  
Old Apr 22, 2014, 6:05 pm
  #507  
FlyerTalk Evangelist
 
Join Date: Apr 2008
Location: LGA/JFK/EWR
Programs: UA 1K1.75MM, Hyatt Globalist, abandoned Marriott LTT (RIP SPG), Hertz PC
Posts: 21,165
Originally Posted by DaviddesJ
Like what? Terrorists are going to cancel millions of flight reservations to wreak havoc?
Seriously...no need for this It's pretty obvious the poster isn't referring to national security or the like.
UA-NYC is offline  
Old Apr 22, 2014, 6:19 pm
  #508  
Suspended
 
Join Date: May 2011
Location: SFO
Programs: UA 1K
Posts: 1,961
Originally Posted by UA-NYC
Seriously...no need for this It's pretty obvious the poster isn't referring to national security or the like.
He's talking about referring the cancellation of CA award travel to the Department of Homeland Security, because of its obvious security implications. Feel free to explain what those are.
DaviddesJ is offline  
Old Apr 22, 2014, 6:30 pm
  #509  
 
Join Date: May 2001
Location: Portland, OR, USA
Programs: UA 1K 3 Million/ex-many year GS, AA PLT/2 Mil, AS MVPG, HH Dia, Starwood Life Plat, Hertz PC
Posts: 1,401
Originally Posted by DaviddesJ
He's talking about referring the cancellation of CA award travel to the Department of Homeland Security, because of its obvious security implications. Feel free to explain what those are.
I agree that contacting DHS would be pretty far over the top. However, I will observe in a more level manner that UA definitely represents critical infrastructure within the US in the sense that a massive disruption of UA services would cost the US economy quite a lot. The type of security hole that this seems to represent (i.e., unprotected cancellation of other people's reservation) isn't limited to award tickets issued with CA segments. It is a general security hole. Were someone able to get a list of RLs/Names one could certainly create havoc for a day or two with business travel even within the US. The safeguard would seem to be that you can't get that list unless you have segments on other carriers that do not safeguard that information. However, since I doubt that anyone has seriously considered RL/Name pairs particularly sensitive information (private sure but sensitive likely less so) it is hard to know how difficult/easy acquiring such a list would be. This is why I noted earlier that UA is operating here with well below what I would call industry standard practice security. Doing that, at the least, exposes UA to sanctions either via legal processes or via DOT, but moreover it creates unnecessary risk to the larger transport system integrity were someone to get such a list and do mass cancellations.
pdx1M is offline  
Old Apr 22, 2014, 8:45 pm
  #510  
 
Join Date: Mar 2013
Location: India, & Great State of TEXAS
Programs: AA EX-Plat ** , UA 1K, IHG platinum
Posts: 102
Originally Posted by litesleeper
UA has engaged with me as well...they have formed a team to work this...hoping for a good outcome. Fingers appropriately crossed!
That is good. Hopefully they can work out something with CA. Meanwhile all who checking their reservations 5 times a day expecting the worse, keep doing the same. When will we see an official announcement about this from UA?
IAHUArunner is offline  

Thread Tools
Search this Thread

Contact Us - Manage Preferences - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service -

This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.