If miles are as good as cash, could they be stolen too?


Recent news about thieves attempting to breach mileage accounts at two large U.S. airlines has passengers wondering what kind of personal information held by airlines is completely safe. Add mileage programs to the list of digital accounts that people must monitor to keep safe.

American Airlines and United Airlines recently reported that some frequent flyer accounts in their respective programs were used to book flights and upgrades by unauthorized users. It turns out that the situation was not caused by hackers who cleverly used codes to breach the internal systems of two of the world's largest airlines. Instead, valid user names and passwords were used to gain access. How these were obtained remains unanswered but both airlines suspect that they were obtained outside of their respective airline systems. According to United Airlines, up to three dozen accounts showed the fraudulent activity. At American Airlines the news was worse. As many as 10,000 accounts were affected. The airlines have contacted the owners of the accounts and have pledged to restore any miles stolen in the breach. Both airlines said that other sensitive information such as credit card accounts were not affected. Even with that assurance, American Airlines said that it would pay for a year's worth of credit monitoring for those affected.

The events carry a sober reminder to travelers that their mileage accounts are as good as cash to thieves no matter how their perceived value has diminished over the years. Travel websites that are not airline-specific have also been targeted in the past. There are several ways to safeguard your information when transacting online.

• Always use a secured internet connection. This might seem quite academic but do you really know how secure your network connection is? If you are using a public Wifi connection, even the airline's onboard internet product, chances are that you are not as secure as you think. While the world at large won't be able to piggyback onto your connection inside an airliner, a fellow passenger with time and mischief on his or her hands might. Your credit card transactions are likely secured behind an encryption layer, but other sites that you visit with a user name and password might not be. Luckily, more websites are requiring additional verification (such as a security question requiring an answer) and most secure sites can be identified by the address beginning with "https:" (the added "s" usually indicates a secure site).

• Change your passwords frequently. It might seem like a pain but if you use the same user name and password for all your vital online activity, you run the risk of a one-time thief gaining access to more than a site or two. Consider complex passwords that are hard to guess but are familiar to you. You can add special characters, or reverse some numbers that make sense to you. If you know a foreign language, try making passwords using another language and give them the same level of complexity such as added characters or numbers.

• Watch the watchers. Make sure that when you are entering sensitive information, no one is looking over your shoulder. Add a few extra meaningless fake keystrokes before and after your actual password if your keyboard is that visible to others.

• Check your accounts frequently to spot any unusual activity.

• We all love our smartphones but if you store your passwords on your phone for easy access, keep them in coded text or secured behind an application or other tool used to manage passwords that cannot easily be accessed by others. A stolen device could be just the key a thief needs to steal more than just your ringtones. While using smartphones in flight, make sure you disable the Wifi feature when not in use and disable the feature that automatically connects you to available networks within range when you leave the aircraft. Only join networks you choose yourself.

This recent airline mileage breach is a simple reminder to us all that for all the technology meant to make our lives easier and our transactions quicker, we are still prone to old fashioned thievery if we are not careful. The sad truth is that they have just as many modern tools as you do. Sometimes they have more.