**See our update to this story here. Hilton is denying that this is a widespread issue.**
Several travelers say they’ve had their Hilton Honors points drained via fraudulent Amazon purchases, a recurring problem that calls into question the relationship between the hotel brand and the web giant.
One Hilton Honors member told Flyertalk that he received an automated notification that his Hilton points had been used toward an Amazon purchase he didn’t make. After logging into his Hilton account, the user saw that roughly 267,000 points were stolen.
He’s not alone. On Wednesday, a member of the Facebook group Award Travel 101 relayed a similar experience – all but 1 of his Hilton Honors points were stolen and redeemed through the Amazon shop with points functionality. And the comments on his Facebook group post suggest this isn’t an isolated issue, with more issues cropping up in the last month or so.
What’s more, responses from both companies show neither is willing to accept any responsibility for the issues.
At the root of the problem is the ability to use Hilton points for purchases at Amazon, one of several changes Hilton made to its Honors program back in 2017. By linking your Hilton and Amazon accounts, you can buy things on Amazon by using Hilton points at a rate of 0.02 cents each – so 500 points = $1 on Amazon.
So while it’s far worse to have your Hilton points stolen for something you didn’t buy, it’s not a good value to use your own Hilton points to buy items on Amazon. You can simply get far more value out of them by booking hotel stays.
One of the travelers whose account was hacked didn’t even have his Hilton Honors account linked to Amazon. Rather, the breach linked his Hilton account to an unknown Amazon account without his permission. That suggests the issue may start with Hilton. And it’s made worse by both organizations inability to identify links between the two accounts.
It’s unclear how or why this is happening, as well as how frequent the problem may be.
Because hackers appear to be accessing Hilton accounts, we strongly recommend updating your Hilton Honors account password. It’s hard to know for sure, but these hackers may be gaining access to Hilton accounts from a past data breach, perhaps exposing different accounts where users have the same login credentials as with Hilton. Updating your password should help stop this problem in its tracks.
Unfortunately, through our research, you can have multiple Amazon accounts linked to the same Hilton account, so proactively linking to your Amazon account won’t be enough to stop the potential theft of your Hilton Honors points.
It’s also a good idea to keep an eye on your emails. The Award Travel 101 member reported he received an email informing him his account was linked to Amazon before the purchase, but Hilton couldn’t confirm what account or even that it was linked at all when he called them.
Users are reporting different levels of success in getting their points back after their accounts have been hacked. But the bigger issue here seems to be the lack of accountability from both parties. Hilton is saying it’s an Amazon issue and Amazon is saying it’s a Hilton issue.
The scope of this breach is a mystery, but it seems obvious there is a serious problem. This isn’t the first time this exact issue has cropped up, but many users have reported they’ve been hacked over the past month.
Until this gets sorted out, we strongly suggest updating your passwords and creating a link between your own Hilton and Amazon accounts.
Editorial Note: Any opinions, analyses, reviews, or recommendations expressed in this article are those of the author’s alone, and have not been reviewed, approved, or otherwise endorsed by any card issuer.