British Airways suspending Avios and forcing password resets on accounts

This post was updated from the original with some new information!

I received a mail today, along with lots of others looking at Twitter, that my Executive Club account had been locked out and I needed to reset my password.

Logging in, all my Avios have been removed by BA…  As a precaution…  With no note when they will be back.

After 1 hour 40 minutes on hold I got hung up on….  I’ve had waits before, but never this long!

The email itself suggests a third party site/app may be behind this.  The only app I have linked to my BAEC is TripIt, which I use to manage all my travel and I’m a big fan of.  Talking to some others it seems that Trip It could be a common factor here…   A couple of friends who have TripIt have been blocked, a couple who don’t have not…

I haven’t had BA explicitly suggest to me (as I can’t get through) that TripIt may have been compromised, but BA are certainly laying the blame at someone’s feet from the wording of their email.

Or perhaps it is more the case that they are doing this is response to some hacks with no known cause, but a potential risk of anyone using any form of third party app to monitor their account?   I saw a story suggesting someone found a hotel booking in Russia had been made on their account earlier, although in most cases it is the same as me – all the points disappeared due to an ex-gratia withdrawal (I prefer the credits!!).

Not having Avios, and not being able to call, is quite frustrating as I’m regularly on the look out for award flights….

I wish BA would offer the option of 2 factor authentication.  I use this on every site I can, offering much better security than just a password by itself, and specific application passwords for apps such as TripIt – at least making it easier to see if it is hacked and by whom in that case, and easily solved by withdrawing the app password, rather than having to block the whole account as in this case.

I’ll post more when I hear it!

Update – people who did get through are suggesting BA are saying it will take up to 48 hours for Avios to be re-credited.  I’ll see where we are on Monday, and perhaps try another call to them.

One comment

  1. Paul Lefrere

    I got through to a BA agent (15 minutes on hold). All EC accounts are being audited. The hope is to start reinstating accounts (with correct Avio totals) within 24-48 hours. It is a massive task.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s