• Hey there! Welcome to TFC! View fewer ads on the website just by signing up on TF Community.

Help required. Accor Account hacked and 129393 Reward points used

Apply For Lifetime Free IDFC First Credit Card
my all accor account has been hacked and someone redeemed 129393 points at 3:30 am on 7th may , I immediately informed all accor team and they have ask to fill a disputed form.
Hacker used the points to book iphone 15 pro in gemanay address that cannot be cancelled.
I am worrying whether I will get my points back.
Any help in this regard is appreciated.
WhatsApp Image 2024-05-09 at 5.22.22 PM.jpeg WhatsApp Image 2024-05-09 at 5.22.22 PM.jpeg
 

Attachments

  • WhatsApp Image 2024-05-09 at 5.23.22 PM.jpeg
    WhatsApp Image 2024-05-09 at 5.23.22 PM.jpeg
    62.3 KB · Views: 289
Last edited:
Click to expand...
chasni said:
It could be part of the below breach (Mar'24) and the data could have been bought by bad actors now.

Click to expand...

this site had been seized by the FBI just a couple of weeks ago lol, seems suspicious that it got back up so quick and already got such a large data breach up. Seems like a honeypot to me.
 
People like to reuse their passwords.

So what happens is some of your personal details, including email and password have been leaked by a website. It could be new that nobody knows or a website that even went out of service many years ago.

Now they will try to use that email and password across hundreds or thousands of websites.

This is by far the most common way of getting "hacked".

You can check on haveibeenpwned.com or some other websites to see if your data was leaked and from where.

Some will try to find if your data was leaked by your email ID, phone number, address and even password.

The last one is pretty dangerous, as they could be able to identify you and link that password to you.

Beside there's the so called "honeypots", so you're basically feeding information to hackers rather than checking if your data was leaked.

Also installing garbage from the internet onto Windows is a very very common way of getting hacked.

Even here the so called computer technicians install cracked copies of software, games and Windows which could and most likely are infected and more vulnerable to attacks.

Some tips:

1. Do NOT reuse your password ANYWHERE.
2. Use unique email IDs. Either to safe guard your sensitive accounts or to use them in junk websites. Fastmail does a great job at this and integrates with 1Password when creating logins.
Gmail has something somewhat similar but not very useful since it's very easy to guess your email ID.
https://gmail.googleblog.com/2008/03/2-hidden-ways-to-get-more-from-your.html?m=1
3. 2FA is a MUST for anything you value. Without it NOBODY can log into your accounts.
4. Get the recovery codes for any account you value. Print them or put them somewhere SAFE that you can trust. This is the last and ultimate resort to get your account back.
Do NOT make them obvious like writing what they're for or the email ID linked to it.
You could either keep it in a safe place online (which evidently isn't very safe) but encrypt it BEFORE you upload it. Or preferably offline printed or in an encrypted drive.

I'd highly recommend 1Password with SEVERAL hardware keys like Yubikey. Keep one at home so if you lose it you won't lose access to your accounts. However it will only be asked on new devices.

India is among the worst places to be for it as well, so take it seriously because the data for most Indians has been leaked from several cases. There's no such thing as data privacy or protection here, it's been years where cybercrime has taken a lead.
 
chasni said:
Everyone, please change your password immediately.
Click to expand...
Are you talking about Accor password or email password or both?
There was a problem with Chrome browser which led to these leakage of passwords but I login on Firefox and Accor app
 
drsel said:
Are you talking about Accor password or email password or both?
There was a problem with Chrome browser which led to these leakage of passwords but I login on Firefox and Accor app
Click to expand...
Why not change your Accor password just in case? Better to use services like 1Password or Bitwarden. They help you create unique password across each site to avoid reuse.
 
How do people use 1password or the likes? They recommend weired passwords which are impossible to remember. So you are at the mercy of this app to autofill it every time during login?
 
sourpai said:
How do people use 1password or the likes? They recommend weired passwords which are impossible to remember. So you are at the mercy of this app to autofill it every time during login?
Click to expand...
Yes your laptop will store the password until the hard disc crashes.
and if that happens you can always use the forgot password option
 
How many Indians have Accor points and how many accounts have been hacked till now?
Five in a million??
 
sourpai said:
How do people use 1password or the likes? They recommend weired passwords which are impossible to remember. So you are at the mercy of this app to autofill it every time during login?
Click to expand...
Yes.

A simple alphanumeric password can easily be cracked even when hashed. Even with symbols, any password short enough can be cracked quickly with nowadays computing power.

Well, you can also export the data if you wanna use it elsewhere or to another password manager. Theirs work literally everywhere and very well so.

It's the safest password manager out there that is still convenient (cloud features). I put my money where my mouth is, I am quite tech leaned to say the least and I'm very happy with them, it makes my life a LOT easier and safer. I don't have to remember a single password ever, let alone type it... Now supports passkeys which is even better.

And nothing sucks more than getting hacked or losing your lifelong accounts, let alone money.
 
Nikhil jain said:
my all accor account has been hacked and someone redeemed 129393 points at 3:30 am on 7th may , I immediately informed all accor team and they have ask to fill a disputed form.
Hacker used the points to book iphone 15 pro in gemanay address that cannot be cancelled.
I am worrying whether I will get my points back.
Any help in this regard is appreciated.
View attachment 53049View attachment 53049
Click to expand...
Hi Nikhil and Technofino community

My account got hacked yesterday night and the hacker placed an order for 85,066 points worth over INR1 lac. He was able to change the email to his own and place an order, I saw an email from Accor stating the email address has been changed for my account. By the time I changed back, he placed an order.

I have raised a concern on Accor app privacy/ security section.

What else can I do? I read about some form that needs to be filled up? Please guide so that I can act quickly here.

The screenshot I took show hackers address and contact details. Seems he is in France and placed the order.

Thanks for the support
Vik
 

Attachments

  • Screenshot_20240530_064739_ALLcom.jpg
    Screenshot_20240530_064739_ALLcom.jpg
    183.3 KB · Views: 23
vik_b said:
Hi Nikhil and Technofino community

My account got hacked yesterday night and the hacker placed an order for 85,066 points worth over INR1 lac. He was able to change the email to his own and place an order, I saw an email from Accor stating the email address has been changed for my account. By the time I changed back, he placed an order.

I have raised a concern on Accor app privacy/ security section.

What else can I do? I read about some form that needs to be filled up? Please guide so that I can act quickly here.

The screenshot I took show hackers address and contact details. Seems he is in France and placed the order.

Thanks for the support
Vik
Click to expand...
advice has already been posted in the thread, just read through it.
 
Needless to say, if you used the same password from Accor elsewhere...

CHANGE IT.

Even if you used a different email, they know your personal details which can be used to find other accounts even if they have a different email or username!
 
Did you log in to Accor website on Google Chrome or Mozilla Firefox browser?
I want to know if it is browser specific
 
Apply For LTF HDFC Swiggy Credit Card
Here's my take - the Accor data has been put up for sale on dark web and hackers are finding emails and password there. They login and change the email to their own, followed by change in password for which the link goes to their own email. The change in email confirmation WILL come to your email (in the web of hundreds of spam mails). They will then order something and wipe out your points. I even got a threat email from the hacker that if I try to recover my points, they have more info with them and will HARM me more. Although the only other such websites for financial gains are Amazon and Banks which are quite secure.

I suggest everyone to immediately CHANGE your Accor password (so no login possible using the dark web data breach0, my 1 year of Magnus accumulation is gone, hopefully I get it back.

They HAVE NOT hacked my Gmail (my take) as that has clear 2FA and I did not get any notification. The process, to summarize was:
1. They buy your Accor data
2. They login to your account, Accor doesn't send any login alerts
3. They change email to their own, also change address and phone
4. You GET an email about this change; but it's hidden in the web of spam mails
5. They order something on their credentials and wipe out the points
6. I did not even get any order confirmation (as Nikhil did) as the email was changed

Just imagine if they had hacked my email, why will they send 400 spam emails to hide that one Accor Email ID change notification? They will just come and delete it, I would've never got to know they wiped out my points!

Be safe!

PS: just checked that Marriott has a 2FA (thank god for that)
 
vik_b said:
Here's my take - the Accor data has been put up for sale on dark web and hackers are finding emails and password there. They login and change the email to their own, followed by change in password for which the link goes to their own email. The change in email confirmation WILL come to your email (in the web of hundreds of spam mails). They will then order something and wipe out your points. I even got a threat email from the hacker that if I try to recover my points, they have more info with them and will HARM me more. Although the only other such websites for financial gains are Amazon and Banks which are quite secure.

I suggest everyone to immediately CHANGE your Accor password (so no login possible using the dark web data breach0, my 1 year of Magnus accumulation is gone, hopefully I get it back.

They HAVE NOT hacked my Gmail (my take) as that has clear 2FA and I did not get any notification. The process, to summarize was:
1. They buy your Accor data
2. They login to your account, Accor doesn't send any login alerts
3. They change email to their own, also change address and phone
4. You GET an email about this change; but it's hidden in the web of spam mails
5. They order something on their credentials and wipe out the points
6. I did not even get any order confirmation (as Nikhil did) as the email was changed

Just imagine if they had hacked my email, why will they send 400 spam emails to hide that one Accor Email ID change notification? They will just come and delete it, I would've never got to know they wiped out my points!

Be safe!

PS: just checked that Marriott has a 2FA (thank god for that)
Click to expand...
Yes I have access to that Accor leak too. It is sitting in my hard drive.
 
Few people have said they informed Accor via phone....I doubt if we have indian customer care number of accor....which is the right number to contact them if situation arises???
 
vik_b said:
Here's my take - the Accor data has been put up for sale on dark web and hackers are finding emails and password there. They login and change the email to their own, followed by change in password for which the link goes to their own email. The change in email confirmation WILL come to your email (in the web of hundreds of spam mails). They will then order something and wipe out your points. I even got a threat email from the hacker that if I try to recover my points, they have more info with them and will HARM me more. Although the only other such websites for financial gains are Amazon and Banks which are quite secure.

I suggest everyone to immediately CHANGE your Accor password (so no login possible using the dark web data breach0, my 1 year of Magnus accumulation is gone, hopefully I get it back.

They HAVE NOT hacked my Gmail (my take) as that has clear 2FA and I did not get any notification. The process, to summarize was:
1. They buy your Accor data
2. They login to your account, Accor doesn't send any login alerts
3. They change email to their own, also change address and phone
4. You GET an email about this change; but it's hidden in the web of spam mails
5. They order something on their credentials and wipe out the points
6. I did not even get any order confirmation (as Nikhil did) as the email was changed

Just imagine if they had hacked my email, why will they send 400 spam emails to hide that one Accor Email ID change notification? They will just come and delete it, I would've never got to know they wiped out my points!

Be safe!

PS: just checked that Marriott has a 2FA (thank god for that)
Click to expand...
Thanks for your fantastic analysis !
you are right, they would have definitely deleted the email informing you of the password change, IF THEY COULD!

It means they have not got access to anyone's email but only to the Accor account and password
 
You must log in or register to reply here.
Back
Top