Delta promptly emailed Aaron the PIN from his SkyMiles account. Which is nice and all, except for the fact that Aaron never lost his number and didn’t request the email. The announcement showed up with no prompt whatsoever.
Aware that email accounts aren’t the most secure things in the world, he’s worried email hackers could take this information and use it to rob people. To be more specific, Aaron’s afraid they could rob him.
So, here is a screen cap of an email I just got from Delta. For reference it says:
JUST A REMINDER:
Dear Mr Reese,
Forgot your SkyMiles account Personal Identification Number (PIN)? No problem.
Your PIN is: xxxx
Now, I didn’t request this…it was seemingly sent out by their listserv because it gives me unsubscribe instructions. Of course, at the bottom it says “Delta is not liable for losses resulting from unauthorized access to, or use of, a SkyMiles account PIN.” If you aren’t liable, then don’t send it in plain text! Many people use the same PIN for multiple accounts, and so this could be a huge security issue.
Yeah, so don’t use the same PIN for different accounts, especially if you’re a SkyMiles member. That’s easier said than done, but Aaron’s story might just be enough of a kick in the pants to get you to comply.