Hilton Tokyo - ID stolen via Wifi (January 2016)

Status
Not open for further replies.

Cynicor

Established Member
Joined
Jun 13, 2007
Posts
4,116
During my last stay at the Hilton Tokyo (in January 2016) it seems that my ID was stolen via the Wifi so avoid using it if you can! Lost (temporarily) over 6 figures of cash over various family member accounts ��
 
Last edited by a moderator:
Re: Hilton Tokyo - ID stolen via Wifi

My ID was stolen at the Hilton via the Wifi so avoid using it if you can! Lost (temporarily) over 6 figures of cash over various family member accounts 

Can you elaborate on what actually happened? Sounds intriguing.
 
Last edited by a moderator:
Re: Hilton Tokyo - ID stolen via Wifi

Phone numbers ported, calls made to banks/online logins changed, emails redirected or changed on all accounts so they we wouldn't get the confirmations, then the money moved to an fx company and disappeared.
AFP, when investigating, asked if I had stayed at the Hilton Tokyo recently. Indeed I had, and it occurred the week after.
 
Last edited by a moderator:
Re: Hilton Tokyo - ID stolen via Wifi

Phone numbers ported, calls made to banks/online logins changed, emails redirected or changed on all accounts so they we wouldn't get the confirmations, then the money moved to an fx company and disappeared.
AFP, when investigating, asked if I had stayed at the Hilton Tokyo recently. Indeed I had, and it occurred the week after.

Sorry you had to endure such a rubbish experience. I can only imagine how painful it would be having to sort that out.

However, I hardly see that as conclusive proof that this is how your accounts were compromised. Most likely your email account was compromised first, making it quite easy to get the rest done. Just "listening" to the WiFi traffic shouldn't reveal your passwords, unless your logins were not using secure connections. So the obvious attack would be a man in the middle attack. That would indicate that perhaps someone in the next room (or close enough) was spoofing the HH WiFi network. Alternatively an inside job by someone on the network/info sec team at the hotel.

I'm not saying its not the case, but to me, Hilton being at fault here seems extremely unlikely.
 
Last edited by a moderator:
Hilton Tokyo - ID stolen via Wifi

They had a series of cases over several months, not just Aussies. In fact someone else on the net posted about it too. Not conclusive proof but no idea why they would ask about that place, over anywhere else in the world.

And I never said Hilton was at fault, I do understand how the net works, thanks. I merely said my ID was compromised there. I know it was an IT based attack and not from any physical staff issue with my passport because they hit my parents and my brother at the same time- I had passport details for all 4 on my computer.

Most likely it was some form of network sharing that occurred, and not sniffing.
 
Last edited by a moderator:
Re: Hilton Tokyo - ID stolen via Wifi

Phone numbers ported, calls made to banks/online logins changed, emails redirected or changed on all accounts so they we wouldn't get the confirmations, then the money moved to an fx company and disappeared.
AFP, when investigating, asked if I had stayed at the Hilton Tokyo recently. Indeed I had, and it occurred the week after.
wow that is such a scary experience. So I am assuming you would have had to access said websites/email accounts while connected to the wifi at hilton tokyo? when did this happen? I hope they have fixed up their security..
 
Last edited by a moderator:
Re: Hilton Tokyo - ID stolen via Wifi

Jan 2016. Was very annoying at the time, but luckily we had plenty of cash as it was Japan, as well as 1 credit card and a savings card that weren't compromised!
 
Re: Hilton Tokyo - ID stolen via Wifi

Not a perfect solution but, for $5 a month, a decent VPN provider will eliminate a fair bit of risk when using public wifi.
 
Re: Hilton Tokyo - ID stolen via Wifi

Guvner how does a VPN solve the problem ?
 
Re: Hilton Tokyo - ID stolen via Wifi

I doubt it would have helped in the OPs case though.

If someone had access to information that was stored on his computer, then it implies malware that allowed the bad actor access to data on his machine.. Unless those documents were transmitted during the connection of course.
 
Re: Hilton Tokyo - ID stolen via Wifi

Which phone numbers did they port?
Would suggest some Australian conspirators ??
 
Re: Hilton Tokyo - ID stolen via Wifi

That sounds scary! Thanks for the warning and I hope things will get sorted out soon. Will ensure to use vpn in Tokyo :|
 
Re: Hilton Tokyo - ID stolen via Wifi

were you using a mac or windows computer? just wondering if it makes a difference
 
Re: Hilton Tokyo - ID stolen via Wifi

This is all too confusing for me. Surely this type of operation has to be planned well in advance?

The only information that is stored on my computer are some cryptic account numbers and my flight details. Bank account details are in my head. Sure I use wifi all over the place but I'd like to think that it would be very difficult for someone to put 2 and 2 together and be able to compromise my bank accounts.
 
Re: Hilton Tokyo - ID stolen via Wifi

i don't get this...

so the thief will need to get OP's
1. mobile number (and relative's)
2. ID (100pts) to port (and relative's)
3. bank account details (and relative's)

at a minimum... that is a lot of data...

So how does one lose this over public wifi?

Also, they had to be quick, to take advantage of the number port... and to transfer the money whilst the OP was out of country...

Still though the OP's experience is scary - and is making me think harder about my personal cyber security!
 
Re: Hilton Tokyo - ID stolen via Wifi

...then the money moved to an fx company and disappeared.

Not doubting you at all, but I find this interesting given the hoops I have to jump through to make legitimate FX transfers.
 
Re: Hilton Tokyo - ID stolen via Wifi

My router has inbuilt VPN function, so I just VPN to my home VPN secure and free. Only higher end routers have this, might be worth checking.
 
Re: Hilton Tokyo - ID stolen via Wifi

No malware on laptop- it was actually bought for that trip. Not sure if it was purely via the wifi but definitely the hotel.
My guess is network sharing of some sort. And it was a Mac.
Not sure if a vpn would have helped, my ongoing plan is just to tether to my portable hotspot from now on.
With regard to the fx, there was a bust last year of some local students who had been paid to set up fx accounts then look the other way.
It's very lucrative considering they got around a mil from us in about a week.

With the phone porting, you can apparently do it all online with just a few details. I reckon I could move my friend's numbers quite easily. Check it out yourself!
 
The Frequent Flyer Concierge team takes the hard work out of finding reward seat availability. Using their expert knowledge and specialised tools, they'll help you book a great trip that maximises the value for your points.

AFF Supporters can remove this and all advertisements

Status
Not open for further replies.

Enhance your AFF viewing experience!!

From just $6 we'll remove all advertisements so that you can enjoy a cleaner and uninterupted viewing experience.

And you'll be supporting us so that we can continue to provide this valuable resource :)


Sample AFF with no advertisements? More..
Back
Top