My Aeroplan Account Got Hacked!

25 Comments
  1. Jonathan

    I was playing gold today, forgot that I needed to look for a plane ticket… I didn’t have the AP Android app installed on the phone so I go on the Play Store, download it, log in, do my search and log out… Not even 15 minutes later I get 50 spams (the ones not filtered by the Gmail app…) and I notice two AP emails saying some of my creds were changed, but I never saw the ticket booked? It’s just that when I got back home and logged in with my desktop that I see all those miles being booked and auto refunded. I’ve been told their system detected that because nobody uses the miles to pay for taxes.

    But now the annoying thing… What were the odds that this would happen 15 minutes after installing their stupid app!?! I don’t click on spam etc…

  2. Jim

    Lol this just happened to me today, July 12 2019, 1 year after it happened to you, and we came to the same conclusion: they hacked my Aeroplan account, and yes, Aeroplan still only allows 6-10 char with no special char. It is asking to be hacked and I asked why no 2 form factor authentication and why not Geo location validate if login from an unknown device.

    This time the hacker got my email from Aeroplan and started to spam my email with hundreds of subscriptions hoping I would delete all these emails including the Aeroplan ones.

    1. Ricky YVR

      It’s really quite unbelievable. That’s a pretty genius tactic too, spamming your inbox. Happy to hear you remained vigilant and alert to the attack.

  3. Paul

    Just happened to me too last night. I woke up to an email about a last minute booking from Beijing to Newark in business class on United UA88. Booking was made literally minutes after I went to bed as if those thieves were watching me! Passenger was a Chinese female. It was already up in the air by the time I woke up. Called Aeroplan right away and the lady on the phone asked me to change my password, which I did right on the spot, and told me I should get my ~82k miles back in a couple of days. Based on her reaction it seemed like this is very routine for them. I am too extremely surprised at the lack of prevention from Aeroplan’s side. It is such a huge red flag when someone is booking a last minute flight for someone else in a completely different part of the world and it must cost them a fortune to just keep on reimbursing without doing anything to make it more difficult to do this in the first place. Being unable to change password into something that’s longer than 10 symbols and has special characters is a good indication why I guess…

  4. Claire

    Totally crazy! Good to know to keep an eye out

  5. Jungle

    Happened to me last night… Toronto -> Vancouver last minute booking. Interestingly my password was not changed and I didn’t receive any email about booking. I found out because I randomly logged into my account to see, and I was short 20k miles.

    Aeroplan resolved the issue and refunded.

    1. Ricky YVR

      Glad to hear it worked out. Those pesky fraudsters, they’re everywhere.

  6. Erika

    This just happened to me today! I’m happy I came across your post so that I knew what to do. My heart sank when I saw all my hard-earned points gone.

    1. Ricky YVR

      Glad to hear it all worked out. It can definitely be a jarring moment, but thankfully Aeroplan are very good about protecting their members in situations like these.

  7. g33kb0y

    Your AP account was not hacked, you were p0wn3d – probably due to some dodgy websites/apps usage. The AP website is no longer susceptible to brute force password attacks – and quite frankly, those types of attacks are far too expensive to perform in terms of time and resources required, when the average plebes are more than eager to divulge the information to p0wn them and their accounts.

    It all boils down to the very old adage – there is no patch for human stupidity.

    1. Donald F*cking Trumo

      Ew… p0wn3d? It’s fucking pwnd you pleb. You can’t even do leet speak properly.

    2. Ricky YVR

      You’re probably right. However, "My Aeroplan Account Got P0wn3d" would be a rather silly blog title 🙂

  8. Bernard

    You handled this very calmly. Curious as to what you used to call Aeroplan from Russia. The wait can be long and the cost of the phone call can start to add up.

    1. Jason

      If you have a decent wifi connection, a Skype call to any toll free number (e.g. 1800, 1888, etc.) is free.

      1. Ricky YVR

        Great shout Jason. I routinely do this when I’m abroad, but it must have slipped my mind at the moment.

    2. Ricky YVR

      Hey Bernard,

      I used KnowRoaming. It cost me $5.03 for the ~15 minute call.

  9. Euro Traveller YYZ

    If you don’t take precautions, it will only be a question of "when" you will be hacked. Get a password protection app. Don’t be cheap. If nothing else it will be peace of mind. But more likely it will keep your bank account, miles and personal data safe from harm. I use 1Password. It is not only good, I feel proud to support this Canadian company. Seriously, if you don’t take steps, they will get you sooner or later. Be proactive.

    1. Ricky YVR

      Great advice, Bruce. I’ve heard that LastPass is good for this purpose as well. Definitely need to get my ducks in a row!

  10. Jeff

    Hey, I got hacked too!!! Bugger booked a 1 week rental of an Escalade! And from my home airport (YYZ) too! I am very tempted to post the guy’s email and number on Reddit but afraid he can retaliate back by hacking more of my stuff so…

    1. Ricky YVR

      I wouldn’t be surprised if this happens all the time. Since I published this article, the search traffic from Google has been nonstop, so it seems it’s a widespread issue. Yet somehow Aeroplan still finds it easier to reinstate miles after-the-fact than implement stricter security measures. Boggles the mind.

  11. Spencer G YYZ

    WOW! Glad to hear this was resolved. Very stressful situation

  12. Jian

    How rich you are! Ricky! So many miles!

    1. Ricky YVR

      Now if only that were true about my bank account as well 😉

      1. George

        If you have as much cash lying around as your points in this post, the MS opportunities are endless. You can book a first class flight from one end of the world to the other and do it again after a month.

  13. John Bucher

    Wow, this is great information as I (luckily) have never had this happen to me. I will be much more vigilant with all my award plans because if it can happen to the Prince it can happen to anyone. (just kidding).
