Hilton Honors Flaw Exposed All Accounts


Hospitality giant Hilton Hotels & Resorts recently started offering Hilton HHonors Awards members 1,000 free awards points to those who agreed to change their passwords for the online service prior to April 1, 2015, when the company said the change would become mandatory. Ironically, that same campaign led to the discovery of a simple yet powerful flaw in the site that let anyone hijack a Hilton Honors account just by knowing or guessing its valid 9-digit Hilton Honors account number.


Read more: Hilton Honors Flaw Exposed All Accounts

Story added 23. March 2015, content source with full text you can find at link above.