Apr032016

Real travel hacker wiping out my hotel loyalty points accounts for New York hotel stays

A real travel hacker has fraudulently booked reward nights all around New York City this week redeeming hotel points from several of my accounts. So far this has wiped out over 200,000 points on my account balances for Choice Privileges, IHG Rewards Club and Club Carlson. By the end of next week I may find I have no hotel points remaining in any of my hotel loyalty program accounts.

The reason I became aware of these transactions is Choice Privileges sent me an email March 30 with subject line: “Your USA TODAY e-Newspaper | Thanks for Checking in with Choice Privileges”.

A line in the email reads, “You are receiving this email because you are a current guest at a Choice Hotels property.”

Since I was at home and not at a Choice Hotel, I immediately called Choice Hotels to find out if they showed I was at a hotel somewhere. The Choice Hotels representative stated there were no reservations currently in my account.

Yesterday, I logged into my Choice Privileges account to see my points had been redeemed for two nights for a Choice Hotel in Brooklyn, NY. I was pissed off to see the New York hotel folio for the reward stay shows the room number I supposedly was staying in ‏on the same day I called Choice Hotels to find out if something fraudulent was happening with my account. My Choice Privileges account shows I was at the hotel in the middle of a two-night stay at the time I made the call to Choice Hotels four days ago.

Not just my Choice

To make matters worse, today I learned this is not an isolated hack of my Choice Privileges account. Hotel reward nights were booked at New York City hotels for Friday and Saturday nights this weekend using my IHG Rewards Club account points too. The reason I learned of those hacks was an email from IHG Rewards Club today stating 500 welcome amenity points were added to my account. I have not stayed at an IHG hotel since February.

That hack prompted me to check my other hotel accounts to find another reward stay Saturday night at Radisson Martinique on Broadway, New York for 105,000 points.

I wonder how much worse this will get?

About Ric Garrido

Ric Garrido of Monterey, California started Loyalty Traveler in 2006 for traveler education on hotel and air travel, primarily using frequent flyer and frequent guest loyalty programs for bargain travel. Loyalty Traveler joined BoardingArea.com in 2008.

More articles by Ric Garrido »

Pingbacks

Comments

  1. Is this for real or is this a late April Fools Prank? If it’s for real, how do you think they got ahold of your info? The only thing I can think of is that your AwardWallet was somehow hacked. I have worried about that type of hack in the past. I hope you get your points back somehow, if it was probably any other blogger I’d have been happy about the hack and loss of their points, but you are one of the few good ones, sorry this happened to you.

  2. I do not use award wallet. I do not know if my computer was hacked or if someone is simply sweet talking their way to my hotel loyalty account information over the phone?

    The information I received from one hotel is the reward reservation was made by phone with a note stating the second guest would arrive before me and let him check-in without me.

  3. They have the hacker’s CC so hoed illy they can get him — unless he checked in w your CC too

  4. funny how you didnt get any email confirming your award bookings.

    you always get an email confirmation for stays, be it award or not.

    either it is a fake post or the hacker has access to your email account(s) too.

  5. I know someone whose IHG Rewards credit card was recently hacked. Maybe that is how they got your information.

  6. My 1st thought was Award Wallet, but you don’t use it.
    I have always been a little nervous of storing credentials @ AW.

    The fact that this covers multiple accounts of different flavors, indicates its a personal computer breach. I use a VPN everywhere, even on my secured network, and run all kinds of industry protection.
    Let us know how this plays out.

    S

  7. So very sorry. Every traveler’s nightmare, one of them anyway. It will be telling how each of the rewards program responds to this. This is a robbery, is it not? Can the police be involved? Presumably the hotels have video footage. This is disgusting.

  8. Contacting the hotels, checking video, checking credit card records will do little good. The bad guys won’t be staying there, they will have sold the room nights and innocent people will be staying who have no idea that they are part of a rip off. Hate to say it, but I really hope that you don’t end up with more of a hassle if one of the programs decides that you sold award nights.

  9. Hope you’re able to clear this up without too much damage, Ric, and that you keep us posted so people can learn from your bad experience.

  10. Every hotel I’ve ever stayed at has asked for ID and possibly a credit card if it wasn’t already one file. Is it possible to checkin on points without showing some form of ID? Sounds more like a phishing scam than a proper hack.

  11. That’s just awful. I would be changing passwords on accounts along with security questions/answers ASAP. Sounds like some social engineering here- someone also knew enough about you to pretend to be you over the phone.

  12. Update – Choice Privileges contacted me and told me not to worry about having my points restored. The curious aspect of this for me is if the hacker has access to my accounts, then why not cancel my current award reservations to add more points to my account for booking New York hotel nights?

    As far as ID and credit cards, in Europe I have checked in several times at hotels on points stays and no credit card was required.

    I had three credit card fraud purchases in the past 18 months. A few months ago someone booked $10,000+ in Turkish Airlines tickets on one of my credit cards. I have never flown Turkish Airlines,

    That is one reason why I am not one of these people who hold 25 credit cards for manufactured spend.

Comments are closed.