Warning: Your Hilton HHonors Account Can Be Sold for Cents on the Dollar by Thieves

For the past month, a number of FlyerTalk members have had the security of their Hilton HHonors frequent guest loyalty accounts compromised; and there is now a discussion on an Internet web site where those accounts are offered for sale at cheap prices.

To quote in its entirety the content posted by FlyerTalk member myapologies:

Hi, everyone.

I made an account on this forum to make you all aware of a blackhat forum where your cracked Hilton HHonors accounts are bought and sold.

I am a member of said forum, but I think that it is wrong that they are doing this to you all.

The website is http://leakforums.org or http://leak.sx. They’re both the same website. Now, you’ll have to create an account on the forum and then visit this forum thread http://leakforums.org/thread-367084. You can’t see it without first making an account.

The thread looks like this

Quote:
Post: #1 (This post was last modified: 10-27-2014 12:58 AM by Imperfectluck.)
The Cheapest HHonor Hilton Bulk Available FAST and ONLINE
Currently Stocked on HHonorHilton accounts!
You can view what you can get with how many points by looking here, Points Catalogue. Remember these are cracked accounts; that’s why they are cheap. Most of them have been inactive, and all are checked and I know exactly how much is in which. To view things you could buy: say with a 30k point account you can get a $50 gift card etc., for those who don’t know about HHonor Hilton. I’m pretty active so expect fast accounts; all are checked and I know how much is in which.
Payments BTC/PP only
30k-39k – $1.50 cents.
40k-49k – $2
50k-59k – $2.50
60k-69k – $3
70k-79k – $3.50
80k-89k – $4
90k-100k – $4.50

Please post here, then send me a PM. Prices could vary.
T.O.S.
1. I am not responsible for what you choose to do with the accounts after purchase.
2. If the account does not work moments after purchase, a refund will be issued or it will be replaced with a new account.

The name of this seller is Imperfectluck.

Maybe presentation of some of this stuff to Hilton will make them a bit more motivated to fix things.

Note the prices listed above: $4.50 for an account which contains between 90,000 and 100,000 Hilton HHonors frequent guest loyalty program points?

A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) was added earlier this month to the page where you log into your Hilton HHonors frequent guest loyalty program account; but that apparently has not been enough to stop what is being called the “hacking” of accounts. A CAPTCHA only raises the cost of submitting login attempts automatically; it does nothing to enlarge the 10,000 possible values of a four-digit personal identification number, which is the credential Hilton accounts use by default.

This issue may be one reason why Delta Air Lines decided to require its SkyMiles frequent flier loyalty program members to log into their accounts with passwords instead of the former four-digit personal identification number. The policy change, which took effect two days ago, was originally scheduled for the end of the year.

I have been monitoring the aforementioned discussions on FlyerTalk, as well as this one found at Milepoint; but I did not want to publicize this issue prematurely until there was additional information. However, with links to where the “black market” for Hilton HHonors frequent guest loyalty program accounts seems to thrive on at least one Internet web site, I thought it was important to increase awareness of this apparent technology breach.

I just checked my Hilton HHonors frequent guest loyalty program account moments ago; and everything seems to be all right.

Other than changing the password of your Hilton HHonors frequent guest loyalty program account (especially if it is still a four-digit personal identification number, which you should replace with a more complex password) and checking its balance regularly, there is not much more you can do to prevent your account from being compromised. Removing any saved credit cards from your profile at least limits what a thief can do with an account once inside. Hopefully, a viable permanent solution will be implemented for the long term.
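To make the four-digit PIN problem concrete, here is an added example written for this article in Python; it is not Hilton’s code and nothing like it appears in the forum posts quoted above. It assumes a uniformly chosen PIN, an invented lockout threshold of five failed attempts per account, a made-up pool of 100,000 known member numbers, and a constructed login log format; Hilton’s real lockout policy and log format are not public, so every threshold and log line below is an assumption for illustration. The first part shows why a per-account lockout does not save a four-digit PIN: an attacker who spreads five guesses across many member numbers never trips it, and the expected number of accounts opened scales with the number of accounts tried. The second part runs two simple detections over the sample log: one for the single-account hammering a lockout does catch, and one for the one-guess-per-account spraying it does not.

```python
"""
Why a four-digit PIN is a weak login credential even behind a per-account
lockout, plus a small detector for PIN spraying in authentication logs.

Added example for this article. It is not Hilton's code; Hilton's real
lockout settings and log format are not public, so the thresholds and the
log lines below are constructed for illustration.
"""
import re
from collections import defaultdict

PIN_KEYSPACE = 10 ** 4          # four decimal digits


def password_keyspace(alphabet_size, length):
    """Number of distinct secrets of `length` symbols over an alphabet."""
    return alphabet_size ** length


def per_account_success(keyspace, guesses):
    """Probability one account falls when an attacker may submit `guesses`
    distinct values before lockout, assuming the secret is uniform."""
    return min(guesses, keyspace) / keyspace


def expected_compromises(keyspace, guesses_per_account, accounts):
    """Expected accounts opened by spraying `guesses_per_account` guesses
    across `accounts` known member numbers. A per-account lockout caps the
    guesses but does nothing about the number of accounts tried."""
    return accounts * min(guesses_per_account, keyspace) / keyspace


# --- detection over constructed log lines ---------------------------------
# The format is invented for this example: timestamp, source IP, member
# number being logged into, and outcome.
SAMPLE_LOG = """\
2014-10-27T00:58:01Z ip=203.0.113.5 member=10000001 result=FAIL
2014-10-27T00:58:02Z ip=203.0.113.5 member=10000002 result=FAIL
2014-10-27T00:58:03Z ip=203.0.113.5 member=10000003 result=FAIL
2014-10-27T00:58:04Z ip=203.0.113.5 member=10000004 result=OK
2014-10-27T00:58:05Z ip=203.0.113.5 member=10000005 result=FAIL
2014-10-27T00:59:10Z ip=198.51.100.7 member=10000042 result=FAIL
2014-10-27T00:59:30Z ip=198.51.100.7 member=10000042 result=OK
2014-10-27T01:00:00Z ip=192.0.2.9 member=10000077 result=FAIL
2014-10-27T01:00:01Z ip=192.0.2.9 member=10000077 result=FAIL
2014-10-27T01:00:02Z ip=192.0.2.9 member=10000077 result=FAIL
2014-10-27T01:00:03Z ip=192.0.2.9 member=10000077 result=FAIL
2014-10-27T01:00:04Z ip=192.0.2.9 member=10000077 result=FAIL
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) ip=(?P<ip>\S+) member=(?P<member>\d+) result=(?P<result>OK|FAIL)$"
)


def parse_log(text):
    """Return (ip, member, result) for each well-formed line; skip the rest."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append((m["ip"], m["member"], m["result"]))
    return events


def hammered_accounts(events, max_failures=3):
    """Members with more than `max_failures` failed attempts: the classic
    single-account brute force that a per-account lockout does catch."""
    counts = defaultdict(int)
    for _, member, result in events:
        if result == "FAIL":
            counts[member] += 1
    return {m: n for m, n in counts.items() if n > max_failures}


def spraying_sources(events, min_accounts=3):
    """IPs whose failed logins touch at least `min_accounts` distinct member
    numbers: one guess per account, many accounts, which a per-account
    lockout never sees. Returns {ip: sorted members with failures}."""
    failed = defaultdict(set)
    for ip, member, result in events:
        if result == "FAIL":
            failed[ip].add(member)
    return {ip: sorted(ms) for ip, ms in failed.items() if len(ms) >= min_accounts}


def likely_compromised(events, min_accounts=3):
    """Member numbers that a spraying source logged into successfully."""
    sprayers = spraying_sources(events, min_accounts)
    return sorted({m for ip, m, r in events if r == "OK" and ip in sprayers})


if __name__ == "__main__":
    print("4-digit PIN, 5 guesses per account, 100k member numbers -> expected",
          expected_compromises(PIN_KEYSPACE, 5, 100_000), "accounts opened")
    print("8-char [a-z0-9] password, same attack -> expected",
          expected_compromises(password_keyspace(36, 8), 5, 100_000))
    ev = parse_log(SAMPLE_LOG)
    print("hammered accounts:", hammered_accounts(ev))
    print("spraying sources:", spraying_sources(ev))
    print("likely compromised:", likely_compromised(ev))
```

Under these assumptions the PIN attack is expected to open about 50 accounts per 100,000 member numbers tried without ever locking one, while the same five guesses against an eight-character alphanumeric password are expected to open none; and in the sample log only the single-account hammering from 192.0.2.9 would trip a lockout, whereas the spraying from 203.0.113.5 shows up only when failures are counted per source across accounts.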

Of course, if I find out any additional information, I will post it here at The Gate and pass it on to you…

  1. I don’t seem to be able to change my pin to more than 4 digits. I blew through my stash of HH points on trips to Bora Bora and Cabo last year so no huge amount of points in there anyway, but still worrying.

    1. I do not believe you necessarily need to worry, Nick. Just keep an eye on your account.

      I took a screen shot of mine just in case anything happens; and if it did, I have no reason to doubt that Hilton will take responsibility…

  2. I just called Hilton and spoke to someone at their internet services desk. There is no way to remove the 4 digit PIN from your account. Additionally, there is no way to configure the account to disallow authentication using the 4 digit PIN.

    Why Hilton is so behind the times I have no idea. If my account is compromised due to their lack of security I expect them to fully compensate me for the points. I’ve also removed my saved credit cards and urge everyone else to do the same.

    1. Good advice, And.

      Thank you for the valuable information. I agree that the technology woefully needs to be updated…

  3. Previous comments above seem to have missed where you can create a username and complex password.
    When on your account’s homepage, down the left side click “personal information.”
    There at the top you’ll see your name in bold, then your membership number and the four-digit pin (hidden with ****). To the right you should see an option to create a customized username and password, which based on my understanding would become the primary means for you to log in.

    1. I just noticed you can make a more complex password and username on your account page. Still, Hilton should not default to a 4 digit pin.

  4. Brian, while you are writing about the PIN issue with Hilton, you should contact United, as they require a 4 digit PIN to do anything with their agents, and that same PIN can be used to log in to the website with no way to turn it off.

    I agree with others in this day and age the 4 digit pins are woefully insecure.

  5. Brian, you should also do a write-up about United; they use the 4 digit PIN for login. Like Hilton, it can’t be disabled. It also has to be provided to the customer service personnel when calling them. I believe the only way to get these companies to change sometimes is to put public pressure on them.

    1. I think that is a good idea, Pete.

      To get more views, I will probably have an article posted on Monday.

      Thank you!
