The most important things to do here are:

1. Change password & PIN immediately. You have two different UA people pointing to "your computer". While further investigation might provide an IP address, it is easy for UA to see in the PNR code, how a cancellation occurred.

2. Take the UA supervisor's advice and call during regular business hours in the USA. UA will have an agent who acts as their liaison with CA. It will take time, but that is the only way to have effective communications between the two carriers. It is far from clear to me that CA will restore what OP had, but it is worth a shot.

3. In the meantime, take what UA offers. The passage of time does not work in your favor.

I'd push UA to open GF or BF inventory if rebooking on their metal.

Did you happen to share your itinerary with anyone that might want to mess with you??

All you need to cancel someone's flight(s) are the PNR and last name. If someone has those two things they can pull up your flight(s) and do pretty much anything they want as if they were you. If there were additional charges or something then they'd have to whip out their CC to make the payment but anything else is fair game.

Thanks for all your suggestions! Password/pin changed. Called UA again and talked to a supervisor based in Utah. She way patient and kind, and called CA, but CA refused to reinstate the itin. At the end, she requested 2 F open on that day for UA metal. In addition, she told me the IP address was the same for booking and cancellation, but clearly that day none of us used computer. So very strange.

^

Nice to hear about a positive result, and kudos to UA for a very kind customer service gesture.

She requested 2 f/c seats on UA flights, but did you get them confirmed and does your itin show ticketed?

Did you give her your IP to compare to what's in her records?


At first I was thinking that this might be related to the problems we have been hearing of with bogus changes happening that have gotten me to think that perhaps somebody's been sloppy with their programming and they have some sort of concurrency bug. However, that wouldn't explain the IP addresses.

Work or home computer? Could someone with physical access want to cause trouble?

Yes, it is confirmed and ticketed.

I don't know my IP address. It is home computer. I used the one she provided and checked at IPwhois, and I believe it was my Internet provider's IP.

Don't worry about the IP address comment. The history in SHARES is so convoluted, they probably didn't read it right anyway.

I don't think Air China canceled the tickets but someone who stole airchina's pax data base did this..

If Air China needs to cancel the ticket, then CA should tell directly to United. After that United should inform the pax in pax's setting language or English.. If the account holder received an email in Chinese, does it mean the ticket had been cancelled through United.com in Chinese?

They *should*, but in the case of the other thread, they didn't. There, there was only a cancellation e-mail in Chinese. Nothing more, if I remember correctly.

UAInsider - UA gotta stop CA award seat poacher from China!
 

During the past week, I've heard three incidents from my friends w/r/t UA award ticket (016 stock) with Air China (CA) award segments got mysteriously cancelled by somebody in China.

Victim 1: two first class award bookings (O class) with TPAC on CA985 (PEK-SFO); the expected travel date is in June 2014;

Victim 2: two first class award bookings (O class) with TPAC also on CA985 (PEK-SFO); the expected travel date is also in June 2014;

Victim 3: one business class award booking (I class) with TPAC also on CA985 (PEK-SFO); the expected travel date is also in June 2014.

All these three incidents started with receiving an email from MileagePlus in Chinese, stating their United award tickets were cancelled per their requests. Upon receiving these emails, their award seats could no longer be re-captured due to no award availability from CA on those TPAC segments.

These incidents, together with the one reported by MikeMpls (link attached below), revealed a bone-chilling scheme conspired by some award seat poachers in China:

MikeMpls's Post

People in this hemisphere may not be aware of how booming a business is at China right now for award seat scalping. Due to the language and food preference, CA (Air China) F and C cabin award seats are in high demand from Chinese travelers. As such, award seat scalpers in China are constantly looking for TPAC award inventory for their clients and if they find no inventories available, they will create availability by themselves.

How? It is well-known at China that TravelSky, the Chinese version of Amadeus, is fairly vulnerable to protect Chinese travelers' information. Unfortunately, it is also the case that if anybody purchases a flight ticket in China (e.g., to travel on CA, MU, or CZ), your personal information may very likely already be compromised through TravelSky. My best guess is: by accessing TravelSky's database, these Chinese scalpers were able to locate passenger information (e.g., first and last name) as well as ticket information (e.g., PNR# and cabin) for any CA flights, even if the tickets are issued on a 016 stock.

Now, how come only 016 stock tickets got cancelled by these scalpers, but not 037 (US) or 014 (AC) stock tickets? This all thanks to the super easy and hassle-free online award booking management system of UA. United.com only requests two piece of information from anybody in the world to accomplish a cancellation: PNR and last name, that's it.

Now UA has to do something to stop CA award seat poachers from China to protect MileagePlus members' award benefits. This shouldn't be a rocket science project but simply adding an additional layer of verification and security before anybody attempts to cancel a 016 stock award booking, such as booking may only be cancelled online when the account is logged in, or verified the pin code when cancelled through an agent.

UAInsider, your prompt reply to this issue will be very much appreciated. If you need those victims' information, please feel free to send me a PM. Thanks.

Do you have any proof regarding this issue? It sounds like a doable theory but you cannot just point finger at someone and hoping UA to do something(actually I do think they will do anything) regarding your issue.

That's horrible...

Such behavior is a criminal...

@UAinsider, please forward this message and improve necessary security verification when changing/cancelling tix...

For other ft folks, please pay attention to this.. If no such verification is improved, you may suffer pains when your tickets suddenly cancelled w/o your acknowledge and nothing can be returned...

If UA cares about this, they could contact the 3 alleged victims directly, and verify with each of them that they did not cancel the tickets. They can also look through their server logs to see if there is any commonality between where the cancellation requests are coming from (e.g. all from China, or all from the same VPN service to mask the actual location). If the alleged happenings actually happened, UA could be fairly certain of it by doing the above, without relying on just the word of the OP.