Loblaws told CBC News that PC Optimum has strong security measures in place. Loyalty programs have become a goldmine for hackers. Then they have access to ALL your passwords. According to MacArthur's records, someone named "Alex" briefly infiltrated her online account. Here are six things you should do to reduce your chances of being robbed: Despite your best efforts, a clever hacker may still be able to rob you. This article contains affiliate links, which means we may receive a commission on any sales of products or services we write about.

He found: “They’re cheap and you aggregate lots of these different accounts together and then funnel them into one account and buy a plane ticket or redeem them for other rewards,” Lee said.

It’s important to also verify that your contact information is correct. “Consumers should always be wary of where they enter their information.”.

Sometimes they’ll include recommendations for other related newsletters or services we offer. “Typically, they usually don't have two-factor authentication; they’re only protected by an e-mail address and password.

That means checking your points balance on a regular basis just as you would your bank account, and creating passwords that are tough to crack.

In addition to using the stolen data to register their own domains and pay for hosting service, the hackers periodically rounded up the dumped transaction data and moved it to sendspace.com, a file transfer site. Owner Loblaws hasn't said how many of the program's six million members have been affected. The bottom line is that you should be creating complex and long passwords that are unique to every site you visit. Without that code, hackers bent on rewards theft could be stopped in their tracks. And in the meantime, be sure to log in to your accounts regularly to check your rewards balance and activity. It doesn’t cost you anything extra, but it helps us to continue building content for our site and channel. Rewards Programs Elite status benefits with the new Marriott Bonvoy program. The VPN creates a virtual tunnel between you and the website or service that you’re accessing. As well as the new extras, there's also three epic Saver Subs, including Nacho Chicken Salsa, Meat Feast and Cheese & Onion, starting from £2.59. These tips can help you keep your travel rewards from taking off without you.

“We get excited thinking about what we can do with these points, the trips we can take and the upgrades we can get,” she said. He said the company wouldn't discuss the measures taken, as "we don't want to give away the blueprint" to other potential attackers.

The dump site domains registered by the hackers included "tushtime.info" and "justfuckit.info" —which, if any sort of traffic logging was done on POS systems, would have certainly aroused the attention of a system administrator. Privacy Policy. And those retailers made it possible by practically leaving their cash drawers open to the Internet, letting the hackers ring up over $3 million in fraudulent charges. Using AwardWallet can also notify you when there are changes to your point balances, which can be extremely helpful for detecting points theft. Hackers are stealing loyalty rewards for airlines and hotels. Apparently, some public USB charging ports have been altered to install malware on your device. According to a report by Schuman, Subway's corporate IT and a credit card company discovered the data breach "almost simultaneously." Keep an eye on your inbox—we’ll be sending over your first message soon. In a scheme dating back at least to 2008, a band of Romanian hackers is alleged to have stolen payment card data from the point-of-sale (POS) systems of …

I have not lost or had my subcard stolen, so I don't understand how this can happen? See related: 7 hot spots for credit card theft and how to cut your risk.

- Dec 21, 2011 1:13 pm UTC. AwardWallet is one of the best tools to use for tracking your credit card and loyalty points. "With PCI compliance, those apps shouldn't be on those systems," said Konrad Fellmann, audit and compliance manager for SecureState, an IT security firm with a practice in retail security auditing, in an interview with Ars. 6. Subway® Card Terms & Conditions Subway MyWay® Rewards available at participating restaurants. Your credit card, airline or hotel rewards could be a target for theft. We don’t check to see if our points or rewards have been affected. She had 140,000 points stolen from her hotel rewards account. Having posted the tip off on deals forum hotukdeals, maxwell675 stated "I used my points to buy nachos today and the the 200 points they cost got refunded. The PCI Security Standards Council, which governs credit card and debit card payment systems security, requires two-factor authentication for remote access to POS systems—something the applications used by these retailers clearly didn't have.

Stolen points can also be easy to redeem. 1Password also detects when an account has experienced a data breach and recommends when you should change your password for specific sites. 900,000 Marriott points (value $1,125) selling for only $270. However, the missing points from the Freedom were still … missing.

"It's not like they had to install something and they didn't," Schuman told Ars. Here’s how to protect your rewards points and what to do in case they are stolen.

This prevents others from intercepting your traffic. According to the indictment, the systems attacked were discovered through a targeted port scan of blocks of IP addresses to detect systems with a specific type of remote desktop access software running on them. They’re easy to access, very easy to use or transfer, and victims rarely check their accounts, so criminals flock to this type of crime without fear of consequences.". This article was written completely independently, see more details here. If you apply for a credit card, the lender may use a different credit score when considering your application for credit. He then preceded to post a picture of his past transactions, which shows him receiving another 200 points when redeeming 200 points. The more difficult a password is to guess, the stronger line of defense you can build around your rewards. If they change the contact info on the account, it makes it even more difficult to detect. "I'm going to spend them right away because I'm scared of this happening again.

If you notice missing points, the first step is to report it immediately to your issuer or bank. Two-factor authentication adds an extra layer of security by requiring you to punch in a unique code, typically sent to your smartphone or email, when you log in to your credit card or travel loyalty accounts. There’s no guarantee they’ll help you, but they might. Rewards will then be issued based on your converted balance.

The glitch seems to be appearing on their latest January offer, in which from now until the 31st January, you can get 200 bonus Subcard points when … “Fraudsters often phish for account details [via email] by luring shoppers to enter their credentials into what look like legitimate text fields. He can be found on Facebook, Twitter, or The ConsumerMan website. But small retailers who don't store credit card data are not required to have the same level of auditing as larger companies, Fellmann said. This is a security vulnerability that I recently learned about.

Get essential reads every week with our newsletter. In PNC’s case, rewards lost because of verified unauthorized activity reported by the customer are replaceable. One of the easiest ways for thieves to get this information is by simply asking you for it! Customers should also contact us immediately if they notice unusual activity on their account.”. Read our affiliate link policy. Identify what can leave your rewards vulnerable – and act. “They can just go shopping for what they want,” said Kevin Lee, digital trust and safety architect at Sift, a digital security company. An overview of what’s changed with Marriott elite status benefits and how to earn valuable hotel perks with Marriott faster. While the scale of this particular ring may be significant, the methods used by the attackers were hardly sophisticated. The glitch seems to be appearing on their latest January offer, in which from now until the 31st January, you can get 200 bonus Subcard points when you buy anything from the Savers menu and scan your Subcard App (or card) in store. By providing my email address, I agree to CreditCards.com’s

See the online credit card applications for details about the terms and conditions of an offer. By submitting a comment, you accept that CBC has the right to reproduce and publish that comment in whole or in part, in any manner CBC chooses.