Hong Kong police say that up to 121 Asia Miles accounts and 74 bank credit card accounts may have been hacked into during the first two months of 2015, with a mainland-based group suspected to be behind the attacks.
The hackers may have stolen a total of 4.7 million airline reward miles and redeemed gifts worth over HK$200,000 through credit card reward points, authorities said, according to Apple Daily.
The police’s commercial crime bureau said such theft cases surged considerably during January and February.
Three males and one female, aged 14 to 54, had been arrested for deception and dealing in stolen goods.
The police believe the four Hong Kong locals were hired by a mainland group to redeem gifts using frequent flyer miles and stolen credit card redemption points.
Asia Miles declined to comment on the matter, saying police investigations on unusual transactions are ongoing.
But it said the flight rewards program has stepped up security and preventive measures, and that it has frozen some affected accounts and recommended the users to update their passwords.
Members should change their account passwords regularly to thwart potential hackers, it said.
Karl Leung from the Institute of Advanced Learning Leung (Tuen Mun) said the six-digit encryption system adopted by Asia Miles can be easily cracked by hackers using special software. Users should therefore change passwords on a regular basis, he said.
A person, who identified himself as Hon, said he found that 110,000 Asia Miles were missing from his account when he tried to redeem his miles for air tickets on February 28.
Some 80,000 stolen miles were used to redeem a pair of tickets to Milan. Asia Miles has since promised to re-issue the 80,000 miles to him, said Hon, who works for a trading company.
He criticized Asia Miles for merely asking people to change passwords regularly. It is pointless to change the locks when the door is simply too vulnerable, Hon was quoted as saying.
– Contact us at [email protected]