Hilton Honors Flaw Exposed All Accounts

Hospitality giant Hilton Hotels & Resorts recently started offering Hilton HHonors Awards members 1,000 free awards points to those who agreed to change their passwords for the online service prior to April 1, 2015, when the company said the change would become mandatory. Ironically, that same campaign led to the discovery of a simple yet powerful flaw in the site that let anyone hijack a Hilton Honors account just by knowing or guessing its valid 9-digit Hilton Honors account number.

Tags:

Security

Story added 23. March 2015, content source with full text you can find at link above.

Comments are closed.

More antivirus and malware news?

Together We Are Forming a Powerful Alliance Against the Bad Guys
ICANN’s internet DNS security upgrade apparently goes off without a glitch
Malicious Mobile Apps (MMA) – A Growing Threat in 2013 and Beyond
France to Facebook: Stop tracking everyone on the internet
Chrome 62 Update Patches Serious Vulnerabilities
Microsoft’s Cloud PC plan for Apple Silicon and iOS?
Anatomy of a “feature” – should JavaScript be allowed to change a web link after you click on it?
Microsoft urges enterprise to test Windows 10 21H1 as May launch looms
Multiple F5 BIG-IP Products CVE-2019-6662 Multiple Information Disclosure Vulnerabilities
GNU Guix CVE-2019-18192 Local Privilege Escalation Vulnerability

Hilton Honors Flaw Exposed All Accounts

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts