Threatwatch

Imposters convert hotel guest’s airline miles into gift cards

Network intrusion; Stolen credentials; User accounts compromised; Man-in-the-middle attack

Hackers intercepted Barbara Shaw’s online transactions by breaking into the Wi-Fi network where she was staying.

When Barbara Shaw returned from an 11-day trip to Europe, she noticed more than 250,000 airline miles had been withdrawn from her account while she was out of the country.

“The miles were converted into gift cards, mailed to an address in Georgia, and signed for by someone posing as Shaw,” KSTP-TV reports.

Airline fraud investigators said the hackers likely gained her account login information when she used a hotel Wi-Fi network to check in for an unrelated flight a month prior to her European vacation.

The intrusion probably involved a device attackers use to masquerade as a trusted Wi-Fi network, trick the user’s machine into connecting, and capture usernames and passwords. 

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.

sector

Hospitality

reported

November 24, 2013

reported by

KSTP-TV

number affected

Unknown

location of breach

Italy

perpetrators

Criminals

location of perpetrators

Atlanta, Georgia

date breach occurred

2012

date breach detected

2012