I had signed up for a site called XXXX, where you could by Bitcoins using your bank account. I stopped monitoring the account because I no longer wished to do business with them. Unbeknownst to me, my data/devices were compromised after using them on an compromised network ( my temporary place of employment has significant security issues ). Through this, someone was able to access my XXXX account, initiate thousands of dollars of purchases ( initially in small amounts, then larger ) and send the money out from the account without any additional verification being asked for by the provider of the service.
I advised my bank, Simple.com ( attached to XXXX XXXX ), of this. I owned up to the initial few orders I placed with XXXX, knowing that this makes the proceedings more complex. They researched it and denied my claim, citing XXXX initially saying all the transactions came from the same single IP. I pushed them for details and documentation, but they provided nothing other than the notes of a phone call. They said they ‘d research it again. The results of the research led to another denial that hinged, again, on the very same notes of a phone call with no real documentary evidence.
They said that, since I authorized their use of my account for ACH withdrawals and never explicitly removed that authorization, that they had no ability to dispute the charges despite my indicating that I never authorized them. They sent me to the provider to argue my case for them to refund me, which I will report in a separate claim, but knew would n’t be fruitful.
Everything I ‘ve found online suggests that even ACH withdrawals that are in dispute from a previously authorized third party are to be fully disputable. Simple says that is not the case. I asked them to provide their published ACH dispute policy and they said they did n’t have one. I asked them why they do n’t publish their policy when it differs from common practice ( like what the XXXX notes ) and was then told I ‘d need to send all further correspondence through postal mail, as my account was closed ( they closed it because they acknowledged my account information was compromised, even when they said none of the charges are disputable or even appeared to be fraudulent ).