Executive Club [Account] Hacked... what's next?
#1
Original Poster
Join Date: Aug 2015
Location: Hong Kong
Programs: Hilton Honors Gold, Marriott Gold, BA Silver, Hertz President's Club
Posts: 483
Executive Club [Account] Hacked... what's next?
I've done the obvious (ie. call BA, account blocked).
Has anyone else had this happen to them? If so - is this process quite straight forward and pain free?
Has anyone else had this happen to them? If so - is this process quite straight forward and pain free?
#2
Join Date: Feb 2010
Location: London
Programs: BA GGL (for now) and Lifetime Gold, Marriott fan thanks to Bonvoy Moments
Posts: 5,115
sorry to hear. Believe your account may get put into audit and won't be able to make redemptions until resolved. Out of interest was there a redemption made? Seem to recall a Russian angle to many previous reports
#3
Original Poster
Join Date: Aug 2015
Location: Hong Kong
Programs: Hilton Honors Gold, Marriott Gold, BA Silver, Hertz President's Club
Posts: 483
Yes, a redemption was made (I won't disclose any details for now). I'm not in a rush to make any redemptions so that's fine.
#5
Join Date: Mar 2014
Location: BOS/MAN
Programs: BAEC Gold
Posts: 168
I'd recommend changing your passwords, especially any that may have been the same or similar to your BAEC account. Always a good idea to change your email password as well, just in case. Hope this is resolved quickly for you.
#6
Join Date: Aug 2012
Location: BHD
Posts: 133
My account was hacked a couple of years ago with a few Russian redemptions made. I had to make a few calls to BA before someone actually took ownership and did something about it. One of the booked flights was less than T-24...
It tookabout 6 weeks 33 days for the audit to take place. BA did say I could still make redemptions during that time but they had to be made by phone. (I don't know how true or easy that would have been as I didn't need to make any.) You can still earn avios during the audit...they are just debited out a day or so after they arrive. And all returned once the audit is complete.
It took
Last edited by paul78; Jun 22, 2017 at 1:51 pm
#7
Join Date: Feb 2007
Programs: BA Gold, Hilton Diamond
Posts: 329
Got done in February for over 700k Avios on a hotel booking in Budapest with some very dodgy Russian names on the reservation. Took 2 months to sort out got the Avios back but strangely the hotel booking didnt get cancelled! Seems to happen alot and the password was very complicated so hard to think it was compromised...
#8
A FlyerTalk Posting Legend
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 100,373
Did you ever get an email notification that the password on your account was changed or were the scammers happy to use the passwords you selected?
#9
formerly maskelo
Join Date: Feb 2008
Posts: 255
Definitely change the email password and also any accounts that might be discoverable from your email account. You'll need to watch everything carefully for a while.
Did you ever get an email notification that the password on your account was changed or were the scammers happy to use the passwords you selected?
Did you ever get an email notification that the password on your account was changed or were the scammers happy to use the passwords you selected?
+1 would be curious to know as well...and good luck on this rather annoying journey
#10
Original Poster
Join Date: Aug 2015
Location: Hong Kong
Programs: Hilton Honors Gold, Marriott Gold, BA Silver, Hertz President's Club
Posts: 483
To everyone else: thanks for sharing your experiences. At least I have a time scale of how things would progress. When I called them up, they said 48 hours which I thought was too good to be true....
#11
Join Date: Sep 2015
Location: YYZ (ex-LHR)
Programs: BA Silver, VS Red, OZ Silver
Posts: 446
It happened to me. Hacker changed the account email address so I couldn't see anything. Called immediately.
Took a lifetime to get resolved, and when it was unlocked, I had to call again because the hacker changed the country to Norway and I couldn't change it back online.
Very friendly call centre agent remarked 'it's amazing what hackers can do nowadays'. I mentioned how it's not particularly difficult when something so valuable doesn't have two-factor authorisation.
I'm sure two-factor will come at some point around 2030. We'll get TSA-Precheck around that time, too.
Took a lifetime to get resolved, and when it was unlocked, I had to call again because the hacker changed the country to Norway and I couldn't change it back online.
Very friendly call centre agent remarked 'it's amazing what hackers can do nowadays'. I mentioned how it's not particularly difficult when something so valuable doesn't have two-factor authorisation.
I'm sure two-factor will come at some point around 2030. We'll get TSA-Precheck around that time, too.
#12
Join Date: Aug 2012
Posts: 2,676
While I'd appreciate two factor - I'd really want it either a) with a good remember me function as per google's gmail or b) only at the point of purchase.
I login too often to be confronted by 'enter this value from sms/authenticator' every single time.
However, due to PCI compliance - I'm pretty sure a) couldn't be done without also doing b) anyway.
I login too often to be confronted by 'enter this value from sms/authenticator' every single time.
However, due to PCI compliance - I'm pretty sure a) couldn't be done without also doing b) anyway.
#13
Join Date: Oct 2009
Location: ARN
Programs: SK EBG, BAEC Gold, LH FTL, FBP, CCG, HH Diamond
Posts: 1,533
While I'd appreciate two factor - I'd really want it either a) with a good remember me function as per google's gmail or b) only at the point of purchase.
I login too often to be confronted by 'enter this value from sms/authenticator' every single time.
However, due to PCI compliance - I'm pretty sure a) couldn't be done without also doing b) anyway.
I login too often to be confronted by 'enter this value from sms/authenticator' every single time.
However, due to PCI compliance - I'm pretty sure a) couldn't be done without also doing b) anyway.
Anyhow, there are some 2FA solutions that are better than others. World of Warcraft has one of the best ones around if you ask me - it remembers you most of the time but when you do need to log in, you just have to click a button in the app on you phone to confirm your identity - no need to type any codes. Not sure why noone else has done that, but that is how you want it to work and I really wish BA would give us the option to use 2FA.
#14
Moderator, Iberia Airlines, Airport Lounges, and Ambassador, British Airways Executive Club
Join Date: Feb 2010
Programs: BA Lifetime Gold; Flying Blue Life Platinum; LH Sen.; Hilton Diamond; Kemal Kebabs Prized Customer
Posts: 63,739
Do you have a theory as to how the hackers got in to your account? For example is the password for BAEC used elsewhere? I agree that two factor is a better way to go.
#15
Join Date: Feb 2016
Posts: 3
Happened about 2 months ago - email change, which I was alerted to by email, but wanted to view the email in Outlook, rather than via via a mobile device to check that the links in it were valid...
Hack looks like they combined avios, and made hotel redemption to empty the account out.
Took just under 2 weeks to fully resolve and get accounts back under control.
If its an email change be really clear with them that it is an unauthorised change, and that you aren't in control of the email account its been changed to (and that therefore the change email form route is not appropriate).
Only then did it get escalated the following day when I could see that it had been emptied, and the account locked... And between the email reset being requested, the hotel redemption had been made too!
All points refunded, but only after going through "audit" process, and being crystal clear that family account members had not made the bookings.
The interesting question is what checks are made against the data/information supplied during the "change email address" form. Do they just need account number/email address to effect the change?
Hack looks like they combined avios, and made hotel redemption to empty the account out.
Took just under 2 weeks to fully resolve and get accounts back under control.
If its an email change be really clear with them that it is an unauthorised change, and that you aren't in control of the email account its been changed to (and that therefore the change email form route is not appropriate).
Only then did it get escalated the following day when I could see that it had been emptied, and the account locked... And between the email reset being requested, the hotel redemption had been made too!
All points refunded, but only after going through "audit" process, and being crystal clear that family account members had not made the bookings.
The interesting question is what checks are made against the data/information supplied during the "change email address" form. Do they just need account number/email address to effect the change?