I’ve spent the last month tracking every publicly reported Alaska Mileage Plan account hack I could find across Reddit, FlyerTalk, Facebook groups, Twitter, and a few other places.
The numbers are honestly alarming.
265 documented hacks in 2025 so far (through end of November)
Average theft was about 218k miles
140 of those happened in Q3 alone
What really stands out is how unique this seems to be to Alaska.
Using the same search method across the big airlines’ subs:
Alaska: 80 hacks, 61k members, 13.11 mentions per 10k
American: 12 hacks, 113k members, 1.06
Delta: 11 hacks, 352k members, 0.31
Southwest: 18 hacks, 89k members, 2.02
United: 0 hacks, 176k members
That’s roughly 24x the rate of the other airlines combined.
This doesn’t look like weak passwords. Some people were hit after changing passwords, others had PINs enabled, and one person got hacked twice in a single day. If this many high mileage accounts are being drained, it raises serious questions about what else might be exposed.
What also caught my eye is a quietly added term in the Mileage Plan language:
“Alaska Airlines may deny, revoke, or adjust Mileage Plan points, status points, awards, or benefits at any time… including due to system or partner issues, regardless of member fault.”
That “system issues” wording feels extremely broad, especially given what’s going on.
I’ve made the full dataset public in a Google Sheet and archived every incident so nothing disappears. There’s also a longer write up for anyone who wants the full deep dive.
I’m genuinely curious what others think. Between the hack rate, how victims are treated, and the accounting language changes, this all feels pretty grim.
10