Maximise your Avios, air miles and hotel points

British Airways suspending Executive Club accounts after suspected hacking attack

Links on Head for Points may pay us an affiliate commission. A list of partners is here.

I had a tweet on Friday from a HfP reader who suddenly found himself locked out of his British Airways Executive Club account.  The call centre were not willing to enlighten him further.

Over the weekend, more details have trickled out.

This email from British Airways was posted by a user at Flyertalk:

Dear Customer

British Airways has become aware of some unauthorised activity in relation to your Executive Club account.

This appears to have been the result of a third party using information obtained elsewhere on the internet, via an automated process, to try to gain access to your Executive Club account.

We understand this was login information relating to a different online service which you may have also used to access your Executive Club account.

We would like to reassure you that, although it does appear that the login attempt was successful, at this stage we are not aware of any access to any subsequent information pages within your account, including your flight history or payment card details.

We have now locked down your online account to protect it from further access. As part of the lock-down process we have also changed your password and you will need to reset it before you are able to use your account.

If you use the same login details for your Executive Club account as you do for your online accounts with any other organisations, we would also recommend that you change the passwords for these accounts, as well as exercising vigilance regarding any unusual or suspicious use of your personal data.

For a short period of time, as a precaution, we have also suspended the use of Avios on your account. We will let you know when this suspension period is over.

In the meantime, however, if you wish to spend your Avios please contact us via your local Executive Club service centre. We will be able to reactivate your account by asking you some additional security questions.

We are sorry for the concern and inconvenience this matter may have caused you and would like to reassure you that we are taking this incident seriously.

British Airways Executive Club team

It is not clear what the ‘online service’ is that he is meant to have used which has led to his account being compromised.  It seems that it is NOT AwardWallet which would be the obvious suspect because it is the biggest of the online account management apps.  None of the four people on Flyertalk who received this email report having shared their details with ANY third party apps.

It seems that fraudulent use of accounts is linked to both hotel bookings with Avios and flights.  Russia appears to be a common thread among the flight routes and hotel guest names.  This sort of behaviour is hugely risky of course since it relies on the account holder not noticing that his account balance has dropped.  (This is why it would be stupid to hack AwardWallet, since you would be alerted as soon as your balance moved!)

One Flyertalk poster even found that the name on his BA account had been changed – heaven knows how that was done.

The moral of this story is to keep an eye on your balances – ironically, this may involve giving your details to a service like AwardWallet – and treat account security in the same way you would treat bank account security (which, in some ways, it is).

how to earn avios from credit cards

How to earn Avios from UK credit cards (June 2021)

As a reminder, there are various ways of earning Avios from UK credit cards.  Many cards also have generous sign-up bonuses!

There are two official British Airways American Express cards:

British Airways American Express card

British Airways American Express

5,000 Avios for signing up, no annual fee and a companion voucher for spending £20,000 Read our full review

BA Premium Plus American Express card BAPP

British Airways American Express Premium Plus

25,000 Avios and the UK’s most valuable credit card perk – the 2-4-1 companion voucher Read our full review

You can also get generous sign-up bonuses by applying for American Express cards which earn Membership Rewards points, such as:

Nectar American Express

American Express Preferred Rewards Gold

Your best beginner’s card – 20,000 points, FREE for a year & two airport lounge passes Read our full review

American Express Platinum card Amex

The Platinum Card from American Express

30,000 points and an unbeatable set of travel benefits – for a fee Read our full review

We also recommend Capital On Tap for limited companies. You earn 1 Avios per £1 which is impressive for a Visa card:

Capital On Tap Business Rewards Visa

The most generous Avios Visa or Mastercard for a limited company Read our full review

Click here to read our detailed summary of all UK credit cards which earn Avios. This includes both personal and small business cards.

(Want to earn more Avios?  Click here to visit our home page for our latest articles on earning and spending your Avios points and click here to see how to earn more Avios this month from offers and promotions.)

Comments (69)

  • Liz says:

    Fortunately all my points are still in tack but 40% of my profile is missing – including all the advance passenger information ie passport information is all deleted.

  • Owen says:

    I was notified by BA as well. This happened at the same time that my Spotify account was hacked. It can’t be a coincidence, right? Anyone else find other accounts affected at the same time?

  • Georgie says:

    Very poor communication by BA. The least they could do is put up a notice on the Executive Club site, apologising for the inconvenience whilst they look into this.

    The email that has been sent out in an inconsistent manner to those whose accounts have been compromised looks like a classic phishing email, oh the irony.

  • TheFamousJames says:

    Same thing here – got the email from BA, account locked, password needed to be changed and then the ex gratia points adjustment. Fortunately, just made a large redemption so not many points “missing.” Though that’s not the point of course!

    Out of interest, is anyone using TripIt Pro to monitor their points? Not suggesting there’s a connection, just aware that the feature exists and uses stored credentials…

  • nerd. says:

    Just got this today too. Reset link not working at present- I assume my emails are at the back of a long queue.

The UK's biggest frequent flyer website uses cookies, which you can block via your browser settings. Continuing implies your consent to this policy. Our privacy policy is here.