Tuesday, March 31, 2015

British Airways Avios Program Hacked, Miles Gone and Now Restored

The last week has been interesting one for the British Airways Avios program.

Without warning, earlier this week many people (incluidng myself) lost access to their account.  BA website showed that your avios number and/or username was not recognized.  When access was regained for many people (including myself) your Avios balance was reset to 0. That's right, 0!  Most redemptions require some points so 0 is not a good number to have.

I did not even bother to call since their wait times are notoriously long and I knew it was a widespread issue that would likely be resolved by BA.  I also get emails from them with mileage updates so I had proof of how many miles I had before the hacking.

I am happy to say that when I logged in last night, my Avios total was restored!

What Happened?

According to the BA FAQs on the subject:

British Airways has become aware of some unauthorised activity in relation to a number of Executive Club and Registered Customer accounts.

This appears to have been the result of a third party using information obtained elsewhere on the internet, via an automated process, to try to gain access to these accounts.
Our initial investigations show this was “login” information relating to a different online service which customers may have also used to access their Executive Club accounts.

Accounts were then locked in order to not allow the attacks to continue.  It seems that avios miles were purposely set to 0 so that no redemptions could be done with them.

This all makes sense and is a logical thing to do in case of a cyber attack.  The problem was in lack of communication.  Some people were sent emails informing them that their accounts may have been hacked, but many people, including myself, never received anything.  I still haven't gotten any emails from British Airways.

That being said, I would rather them handle the actual attack well than the PR.  In the end, I got my miles back pretty quickly with little to no inconvenience.

My Avios are Still Not There, What Should I Do Now?

If you have reset your password and you still have 0 avios, I would still wait a few days.  If they aren't restored by next week I would call up.  Be prepared to wait a long time to speak to someone.