rewards card loyalty pointsWe are a culture that loves bonuses, and anyone in the business of making money realizes that. Everything from credit card companies to airlines and grocery stores seem to have loyalty programs these days. While the details vary from company to company, the premise is the same: spend money, earn loyalty points, use those points to get “free” stuff. Unfortunately, nothing is safe from hackers these days, including rewards card loyalty points. Security blogger Brian Krebs revealed recently that some Hilton HHonors loyalty accounts have been drained of their points by thieves who have then sold these points on the black market for a fraction of what they’re worth.

How did hackers steal these points in the first place?

In addition to a username and password, Hilton HHonors allows users to log in using their account number and a 4-digit PIN. Unfortunately, this type of login is more vulnerable to hackers because once a thief has the account number, it only requires that would-be thief to use a program that runs number combinations until it hits the right one to get in. Once a thief has gotten into an account, they could view, transfer and cash out rewards points — redeeming them for hotel reservations, airline tickets and a myriad of other things. These rewards points have also wound up on the black market, being sold for much less than the money it took to earn them. After the points thefts were made known, Hilton added a CAPTCHA security element to its login page, to help enhance security. Unfortunately, the damage has already been done.

How can I protect my rewards card loyalty points?

Luckily if you’re worried about your loyalty points, there are a couple of precautions you can take to make sure they stay safe.

1. Use a strong password for your online accounts. You know that your email, online banking and credit card accounts require secure password protection, but do you apply that same level of caution to rewards accounts? Unless they are connected to your credit card account or something equally in need of extra security, most rewards card accounts aren’t up to snuff on security. That means it is up to you to create strong passwords and take advantage of any bonus security measures offered, such as two-step verification. Don’t know how to create a secure password? Follow our step-by-step guide to creating a strong password.

2. Keep an eye on your points accounts. Not all rewards card loyalty points would be devastating to lose, but some certainly would. Those who have spent thousands of dollars using their credit cards to accrue a large amount of rewards points that can be redeemed for airfare or hotel stays will definitely feel the pain from losing those points. Keeping a regular record of how many points you have earned is a good way to help your case in getting those points back should your account ever be compromised. You can also be aware that something is wrong if you check your points often enough to notice when they’ve been decreased or stolen entirely. In addition to stealing and using the points in the account, some thieves also used the credit cards attached to compromised Hilton HHonors accounts so it’s also important to make sure you’re regularly checking your balance and reporting any potential fraudulent activity as soon as you spot it.

Data theft is a problem that seems to pervade every part of our culture. Learn more about how to protect yourself and your identity at our identity theft protection blog.