I might not have noticed that I had been hacked had it not snowed so much last winter.

A terrible snowstorm kept me away from the January CES trade show in Las Vegas in 2014, so for this upcoming CES, in January, 2015, I was more compulsive than usual in planning and monitoring the trip. When I saw that United Airlines had updated its iOS app the other day, I went to check up on the reservation I made for my flight to Vegas, a flight I had booked and confirmed months ago.

But the app didn’t accept my password. I tried it several times, and then I got locked out completely and was directed to call the help desk. I thought it odd but put the call off for a few days: I got busy and thought it was likely just a site glitch.

It wasn’t.

Hack Lesson #1: If a site or app behaves oddly, you should pursue it, sooner rather than later. If something seems odd, something is odd.

When I got around to it, I pointed a browser to the United.com website. I’d been logged in the last time I visited, and the site kept me logged in on this visit (it didn’t ask for my password again). It showed me the last flights I had taken, as well as two mileage withdrawals within the previous week: one for 25,000 miles and one for 100,000 miles.

I hadn’t made those withdrawals. Somebody was stealing my miles.

I immediately called United’s Mileage Plus desk — the only number I could find — to tell them that I’d been locked out of my account and that something weird was going on. The customer service agent asked for my PIN, which did not match what they had on record. Nor did my email jibe with their records. Fortunately, I knew the last few flights I’d taken and could answer all the personal information she asked for, so I convinced her that I was, in fact, me.

I was back into my account, but it’d been ransacked. I was able to see two new flights purchased with my miles: a one-way from Phoenix to Boston and a first-class round-trip reservation for Christmas night from Sidney, Australia, to Beijing. They were booked under a name I did not know.

And the CES reservation I had compulsively set up so far in advance? Gone. The Bad Guys had canceled it. Jerks.

The United agent could give me my account back, but not the flight. I was told to email securitytips@united.com with details of the problem and ask that my miles and reservation be restored. I got an autoresponder, promising a response within seven to 10 business days.

Seven to 10 days. For a trip that was commencing in 11. I don’t think so.

I posted on my Facebook feed and on Twitter, complaining and asking for advice. I searched the United website for a customer service link or phone number where one could get more help with fraud or security problems. Oddly, there was none.

Hack Lesson #2: Don’t give up. Security is a big deal for all companies that do commerce online. Even if it may not seem like it at first, there are people at the company who have the job of protecting you. You may have to do some legwork to find them, though.

I will also say this: Companies for whom fraud and security are important should have an obvious place for customers to report problems — and should respond faster than a week or two.

I fly enough to have made the lower ranks of premium status on United, but I’m not elite. United doesn’t treat me with the deference of more serious frequent flyers. Fortunately, I’ve got a buddy who flies so much on United that it put him in one of their ads. I hate imposing on friends, but I dropped him a quick email and asked if he could direct me to someone who’d respond with a sense of urgency.

Story continues