I have had my account hijacked since early September. I have done probably a dozen password changes (airbnb's only answer to an obvious complex problem). They recently escalated my case but, no case manager has been assigned. My Payout Method has been changed twice. I recently changed it back myself and then my account was locked by airbnb and has been for 3 days. Customer service is awful. I think it time to go to the media! Anyone else? 

Hi, guys,

I encountered the loss of more than 10,000 EUR due to the hacking of my account.

So far Airbnb does not care about my inquiries to help by at least giving me the full bank details of the bank account the money was transferred. Imaging! They claim to be restricted to give out this information due to data protection. At same time they pretend that I was the one who registered with that very bank details! Isn't it crazy!

I now will step bay step involve the prosecuters in Austria and Germany, consumer protection organizations and who ever may be of help to get my money. I will regularly post the progress on http://www.parasites.online.

Have a good one!

Ares

Mine got hacked as well.

This threat is 2 years ago and people still got hacked so there are no security whatsoever.

Technically everytime i call or message them they tend to don't care of you.

They always close the chat so you have to explain them everytime you call or chat to them. i'm not sure they tend to don't understand what i'm asking or they are not understand me as i'm not native speaker as they keep asking something else all the time.

**

Oh and they always said that they are going to escalate to Trust and Safety for check further. how can i trust Airbnb as everytime you close the conversation by yourself without me getting a chance for update.

I just simply call them and asking what is the update and they can't even give me an update and try to talk me to something else. What a company

**[Sensitive information removed in line with - Community Center Guidelines]

Just found out my account had been hacked and the hackers got two of my payouts totalling over $2000.

Did in fact speak with someone at Airbnb to report it and was told the same info as Robin in Pensacola reported.  I was not notified of any payout changes to my account and really think Airbnb needs to step up to the plate and do something to securitize their website further.  Will keep my fingers crossed that I have the same outcome as Robin,but am not holding my breath. I would be interested in joining any class action against them in the future.

I just realzied my account was haceked as well. how do i contact airbnb to let them know? They have stolen 4 payouts.

Same here!!! Called multiple times Sat night when I discovered someone had charged nearly $600 to my account. Was hung up on twice. Emailed them and got a return call. After a lengthy discussion was told I'd be contacted with a resolution and here it is a day and a half later and nothing... Airbnb isn't the only game in town. I'll be closing my account...

Hi all, sorry to hear about all your negative experiences. On the 11th May I received an email to confirm a booking for accommodation in China. I live in the UK and I am not planning to travel to China. I called Airbnb immediately and received an email from my account confirming my booking was cancelled but that I would still be charged. When I got through to Airbnb they said I would have a full refund. Day 2. No. Refund. No. Contact. Just called them back and they are marking my case as urgent BUT won't give me a time by when they will get back to me. I am worried I will not receive a refund. Any tips?

Eddie

My wifes' account was just HACKED and 400 odd euros were taken from her PayPal account and booked some stay in the UK? When she tied to login to Airbnb the account was canceled and passwords were changed? Now I need to try to contact Airbnb through my account as she can't log in and they don't have an easy to find, CONTACT US tab on their site? Another headache! We contacted Paypal but lets see what happens?

My account was hacked on 16th May 2019. I noticed after two reservations made due to PayPay payment notifications so I removed the credit card linked to my PayPay account straight away to minimise any further damage.

Similar to other users experience, both reservations were accepted but then cancelled immediately. Due to the host's strict cancellation policy of course no refund is allowed.

I have since contacted Paypay for dispute which they refunded me.

For Airbnb side they said due to technical reason (which they cannot disclose)  my account was not accessiable.

They have since re instated my account so I have changed password and also removed my payment method (PayPay)

but is that secure enough?

Hi everyone,

Having just dealt with 24hrs of hell after my account was hacked, and having the same experience as many of you in terms of the absolute TERRIBLE support from Airbnb, I thought I'd share some tips here.

1) HOW THE HACKER GOT INTO YOUR ACCOUNT

It's important to understand how this is happening so that you can prevent it happening again. Hackers are gaining access to our accounts because they have our email address and Airbnb password. Sadly, and quite honestly pathetically in 2019, Airbnb does NOT support proper 2-factor authentication - so all a hacker needs is your email address and password. They can get this in many places, because unfortuantely many people use the same password for multiple logins. If you have ever re-used a password for more than one website, then this is probably how the hacker can log in as you. There have been MANY websites and services that have been breached over the last few years, so it's quite likely that your email address & password combo is out there. Check out a website called "have i been pwned" to find out. Either way, NEVER USE THE SAME PASSWORD TWICE.

Keep in mind that there are multiple ways that you can log in to Airbnb. For instance, I was using Facebook to log in, and have always had a random Facebook password and 2-factor authentication turned on for Facebook - so I thought I was safe. However, I forgot that Airbnb itself also had a password - which I was never using and had completely forgot I'd set. As a result, it was a password I created years ago... and was freely available on the internet (again, you can see if your passwords are already public at the "have i been pwned" website).

Finally, as has been mentioned in this thread, another way to gain access is through phishing, whether digital (fake login screens) or human (fake support calls). For many people in the thread, this seems to not be the case, but I'm including it here for completeness.

Basically, the hacker knew one of your log in combinations - whether that be Facebook or Google or Airbnb. And if you ever reused any of those passwords elsewhere, it's highly likely that your email/password combination is already public. Change your passwords to be random, never re-use them, and enable 2-factor authentication whenever possible. We need to pressure Airbnb to get PROPER (not "automatic") 2-factor authentication, so I've written to tech news outlets about this ordeal too. Right now, Airbnb only uses 2FA when they detect a problem, which in my case (and many others) they clearly failed to do. This is bad - 2FA should ALWAYS be needed.

Use an app like 1Password or Dashlane or Apple Safari/iCloud to manage your passwords so that they can be complex and random for every website and service you use.

2) HOW YOU CAN GET YOUR ACCOUNT BACK

Airbnb support is TERRIBLE for this. I was hacked 24 hours ago and have heard NOTHING back from my multiple calls to Airbnb. I'm still shocked at how bad they are. So while I STILL wait for them to respond, here's how I got my account back. I had connected my Google and Facebook accounts to Airbnb as part of the verification process, as I'm sure many of us have. When the hacker changed my email address, I got a notification at my email address saying that it had been changed. As soon as I saw that, I went to Airbnb and tried logging in with Facebook. I couldn't - looks like the hacker had removed it.

BUT they hadn't removed my Google account, which still let me log in! I was able to quickly cancel some of the booking that the hacker was making, and add my phone number back to my account. This let me then use the "I didn’t do this—review my account" link that was in the automated "email address changed" email, bcause now I had a way to verify that I was me again (they sent a message to my phone).

However you end up getting access to your account again, make sure you add your Google and Facebook accounts (each of which should have 2FA enabled!) so that you have this backup option in the future.

Obviously change all your passwords as soon as you're able to!

3) WHAT TO CHECK FOR WHEN YOU REGAIN ACCESS

Hackers are using people's Airbnb accounts for a lot of things. Here's a checklist of what you need to look for once you get your account back:

a) New bookings as a guest at other people's homes.

b) New bookings at your home.

c) Your email address.

d) Your phone numbers.

e) Your connected social/Google accounts.

f) Your booking permissions - make sure they didn't add someone who can book trips for you.

g) Your co-hosts - make sure they didn't add co-hosts to any listings you're hosting.

h) Your host payout settings - make sure your money is still coming to you!

i) Your guest payment settings - make sure they haven't added stolen credit cards, since I'm sure you won't want to accidentally use them.

j) Your photos.

h) Your uploaded ID, if you have one - make sure they can't pretend to be you to regain access.

I hope this helps someone! Best of luck. And Airbnb, if you ever read these comments, please FIX YOUR 2FA AND YOUR CUSTOMER SUPPORT! There needs to be a hotline for hacked accounts!