My Ohm Account Hacked, then cashed out to an Amazon card!
Hello all, On Nov. 13th, my OhmHour Account was hacked! I saw an email saying I requested a password reset. So I logged on to Ohm hour, and my password was the same as it was. I then checked my points and about 6500 worth was gone! I immediately notified Ohm, but as we all know responses come a day or so later. So days go by as I discuss this with an Ohm employee back and forth. Finally I learn from my own research that my points were converted to an Amazon Gift Card. So just now I tried to use that gift card code at Amazon, and that the code has already been redeemed! So I called Amazon customer Service and they said there is no way to see what was purchased or where it was sent to. Very frustrating as these situations need to be dealt with immediately, but due to this archaect communication set up, the thief is already done the harm and long gone. So be aware, check your accounts now and make sure your account points have not been stolen like in my case! Never let your points build up too, keep the balance low. I just sent this info to Ohm, but who knows when they will see it. Also, this all started after I bought a TPLink plug where they redeem $17.50 after you link your Kasa account and add the switch. Maybe that’s where the thief got my code? Who knows, but the TP Link Credit from Ohm was made on November 12, 2018, and one day later, my account was cashed out to an Amazon Card and card code immediately used. One other thing that is highly suspicious to me is, there was an email from Ohm sent to me saying my passcode request was received, yet when I logged on, it was not changed. I logged right in a day later with same code. So whoever hacked the account may if requested password change as a diversion. They had to of known my code, otherwise it would of been changed to their new code, right? So could this of been a hack from within either Ohm or Kasa? To get the TPLink refund I did have to re-link accounts to add the new switch. That involved me stating my passcode into Ohm again, and these two accounts did have the same passcodes on that date.