Cybersecurity researchers at Nord VPN and Saily warn loyalty accounts tied to major airlines and hotel chains are being hacked and sold on the dark web.
Some stolen accounts with hundreds of thousands of miles or points are being sold on the dark web, for as little as $0.75 to $200.
Once scammers get in, they can drain your points, book free trips, or turn rewards into gift cards.
Remember to use a strong, unique password for every airline and hotel account, and turn on multi-factor authentication when you can.
Check your accounts regularly. Look for unfamiliar bookings, missing points, or login alerts, and act fast if something looks off.
You may also want to avoid logging into accounts on public Wi-Fi or make sure you are on a secure connection.
A joint study by cybersecurity company NordVPN and a travel eSIM app, Saily, has shed light on the alarming prevalence of data breaches and loyalty points theft targeting major players in the travel industry.
The research reveals that airlines and hotel chains have had their customer data compromised and sold on darknet forums, putting millions of travelers at risk of identity theft and financial losses.