Back in 2018, Sharon received an unsolicited offer from American Airlines to upgrade her to Platinum Pro. At the time, this was a great offer for us. We had flights booked on American using Avios and this status would allow us to pick Main Cabin Extra seats at no extra charge. Having status made these flights on American tolerable and maybe even enjoyable.
However, was that upgrade worth the hassle and possible security risk of having our account info hacked through a third-party processor? Probably not.
If you haven’t heard, SITA, a company that among other things aviation-related, helps with the sharing of passenger loyalty status between airlines suffered a rather significant hack of its data systems involving the names, frequent flyer numbers and loyalty status of passengers. This resulted in a flurry of emails to members of loyalty programs, some who didn’t even directly deal with SITA, to alert them of a possible security breach.
Sharon was the recipient of one of those emails.
To date, American Airlines is the only one to contact either Sharon or me about the SITA data breach. It appears that the weak link was the sharing between BA and AA of Sharon’s status for our one flight using Avios. This is my assumption because American also gave me the status that I used for AA flights, but those flights were paid for by my employer and American Airlines didn’t share my loyalty status with British Airways (assumingly through SITA.)
Was there anything I could do to prevent us from this hack? Probably not. The only thing that put us at risk was using frequent flyer points to book a partner airline flight. Sure, there are some risks involved in this practice, but I never included my loyalty info getting stolen as one of them. Will this keep me from using the sweet spots as long as the programs allow them to exist? Of course not.
It will mean I’ll keep using strong passwords for all of my loyalty program accounts and that I’ll probably update them a little more frequently than I did before. Thank goodness for password manager applications.
Want to comment on this post? Great! Read this first to help ensure it gets approved.
#stayhealthy #staysafe #washyourhands #wearamask
Like this post? Please share it! We have plenty more just like it and would love it if you decided to hang around and get emailed notifications of when we post. Or maybe you’d like to join our Facebook group – we have 18,000+ members and we talk and ask questions about travel (including Disney parks), creative ways to earn frequent flyer miles and hotel points, how to save money on or for your trips, get access to travel articles you may not see otherwise, etc. Whether you’ve read our posts before or this is the first time you’re stopping by, we’re really glad you’re here and hope you come back to visit again!
This post first appeared on Your Mileage May Vary
2 comments
Help me understand your view. You received free elite status, used that status to receive $200+(?) worth of MCE upgrades, and the “cost” was a suggestion to change your password. Unless you had some AAdvantage or Avios miles pilfered, sounds like you did OK. With as common as data breaches are these days, do you really expect your information to always be safe?
I’d love to hear your thoughts on password management software. I’ve been really hesitant to use one of the programs because if the software was hacked, all of my passwords would be gone. Also I’m dubious whether the software would work for both my Iphone and laptop. I’m also torn on whether to store a hard copy for these complex passwords. If you think it helpful, maybe writing a post on the subject might enlighten some readers.