So your IHG account has been hacked and your points have been stolen – chances are you’re freaking out and you don’t know what this means. Will you get your points back? How long will it take? Will IHG be hacked again? These are all great questions and ones I had myself when I found my own account had been hacked and over 150,000 points had been used.
First thing’s first: relax! It’s easy to get worked up in a situation like this and even I found myself frantically searching the web trying to find answers. If you find that your IHG account has been hacked and someone has used your points there are certain steps you need to take to ensure you get them back and get your account restored.
IHG Account Hacked and Points Stolen: What happened?
You may be wondering why you were a target for hackers and how they got your account information and were able to get in to steal your points. The primary reason for this is IHG still only requires a four digit pin as the login and these days that simply isn’t good enough.
Hackers get a list of membership numbers and then run a relatively simple program to figure out the four digit pin you’ve created. Once they gain access to the account they’re able to change the email and mailing address attached the the account and use the points how they wish. Chances are your hacker will redeem the points for Amazon gift cards rather than a stay at a hotel because it’s much harder to get caught and they reap the awards immediately.
Unfortunately, IHG is hacked pretty frequently; you’re certainly not the first person and you won’t be the last until IHG decides to implement better login procedures.
First Step: Inform IHG of the Hack
The very first thing you need to do is call IHG and tell them your account has been hacked and if you know your points have been stolen, tell them that too.
I found out about my account when I tried to login and my pin didn’t work. Because I frequently forget this kind of stuff I tried a few more pins and those didn’t work either. When trying to gain access back into the account it kept saying my email didn’t match any accounts on file and that’s when I knew something was wrong.
I was actually still able to view my account on the app (as long as I didn’t click off the homepage) and that’s when I saw my account had 608 points in it when I had more than 180,000.
If you’re in the US, you can call 1 (888) 211-9874 for the general number and if you’re abroad you can find other IHG contact numbers here. If you have status with IHG, make sure you call the designated line for that as you’ll get through faster and you may get preferential treatment and a faster resolution. I’m IHG platinum and the number I called is 1 (888) 897-0083.
Once you get someone on the line, explain the situation and they’ll check the account and be able to verify that it’s been compromised by asking you some basic questions like your name, address, email and your last stay with IHG. This took me approximately 10 minutes and they said they were going to investigate it and would be in touch within 7 business days.
Follow up with IHG
The chances of IHG getting back to you promptly is unlikely and I had to call a couple of times to see what was going on with my account. I called once before 7 business days passed and they said they were still investigating and fobbed me off. However, the second time I called it has been far longer and it turns out my points had been restored and no one had called to inform me of that.
Don’t be afraid to call numerous times, but don’t try to login to your hacked account unless you know for sure it has been restored and you have the updated information because you run the risk of flagging it again and it taking longer.
The IHG Hacked Account Resolution
My main question when my account was hacked was how they can ensure this doesn’t happen again and, sadly, they can’t. There are a number of outcomes so let’s go through the options they’ll give you.
If you don’t have IHG Ambassador, they will offer you a new IHG membership number and move all of your points, status and history to the new number. This is the easiest option and a new number means your chances of being hacked again decrease slightly. They’ll set up a new number for you, move everything over (should be immediate but can take up to 12 hours) and then they will email you a new pin number. With the new pin number, you will be able to gain access to the account and update all of the information and change the email or pin attached if you wish.
Unfortunately, if you have IHG Ambassador like I do, they can’t create a new number for you because this can’t be moved. To be honest, I have no idea why this is the case, but I had a new number set up for me only to be called back 10 minutes later informing me they’d have to close it and return to the old number because that couldn’t be moved.
This annoyed me because they informed me my best option was changing my email for the account to decrease my chances of the IHG hack happening again. I really only use one email so I wasn’t pleased with this option, but it is what it is.
How Long Does it Truly Take to Resolve an IHG Hacked Account?
From the moment I noticed IHG was hacked to gaining access again and getting all of my points restored took about two and a half weeks. All in all, it wasn’t so bad but it still begs the question why they’ve not done anything about this since it happens with such frequency.
How Can I Prevent an IHG Hacked Account Again?
Until IHG implements stricter login policies there are only a few things you can do to protect your account for the future. If possible, get a new number, and if you can’t do that, make sure to use a different email address and come up with a new four digit pin that’s different from your last.
Additionally, even if you don’t use your account that often, periodically login and check that everything is fine because if your account is hacked, the sooner you can report it the better.
Hacked IHG accounts and stolen points may initially stress you out but it’s important to remember they deal with these all the time so although it may feel alarming to you, for them it’s pretty standard (though it shouldn’t be). IHG will do what they can to restore your account because the hack was entirely on them and not you so as long as you report it as soon as you find out and follow up, you’ll get your account restored within the month.
Has this happened to you? I would love to hear your personal experiences because the more we talk about this the more educated we can all be in how to deal with issues like these!