American Airlines and United Airlines accounts hacked; cyber criminals booking dozens of free trips

Cyber criminals with stolen usernames and passwords broke into customer accounts of American and United Airlines websites.  In some cases the criminals took stole mileage points, booked free trips and or upgrades.

This incidents happened in December 2014 but were announced by both the Airlines yesterday.  American has started notifying its affected customers by email on Monday, a spokeswoman said.

Both airlines stated that they are upgrading their systems and login process to stop this kind of frauds in future.

United Airlines spokesman Luke Punzenberger said thieves booked trips or made mileage transactions on up to three dozen accounts. The Airline had began notifying its affected customers in late December and the airline would restore miles to anyone who had them stolen.

American Airlines spokeswoman Martha Thomas stated that around 10,000 American Airlines customers were affected and they have frozen some accounts. American Airlines said that it is setting new accounts for customers who have at least 100,000 miles in their accounts.  She said the airline has learned of two cases in which somebody booked a free trip or upgrade without the account holder’s knowledge.

Thomas said that American would pay for a credit-watch service for one year for affected customers.

Both the airlines have categorically stated that no hack has taken place and the thieves got usernames and passwords somewhere

The cyber criminals used these stolen usernames and passwords to American’s Advantage and United’s MileagePlus, hoping that the login information would be the same.

The airlines also added that other information such as credit-card numbers was not exposed.


Please enter your comment!
Please enter your name here