Account Drained. Questions for others and Warnings


Has anyone else recently had their account drained in a similar way? I'm getting little to no help with answers from USAA and really don't want to hear the same old same old from whoever moderates these posts.


On August 25 I received an alert from my USAA app asking if I changed my pin with an option for yes or no. I immediately clicked no. One second later it said," do you want to authorize an increase to your daily limit" I said no immediately again and called. While I had the USAA rep actually on the phone with me they drained my account down to only $300 before they shut it off. They made SEVEN withdrawals while I had a rep on the phone. They also transfered money from my savings to my checking and drained that.


Here are my warnings and questions that nobody,including two supervisors and two fraud specialists can answer.


-Why wasn't my account shut down the second I responded to not changing my pin,or for the daily limit increase? The answer i received was pretty much, "oops,sometimes that happens." There is zero point in all your security,pins,fingerprint scanners,facial recognition,etc. if the warnings you have in place do nothing. Even if I'm not held responsible for the money,I still would've been left with nothing to live on for a couple days if they managed to take it all out.


-From what I gathered here is what happened. The night before someone logged into my usaa account online from Miami Florida to see if they could get in.(I'm in the northeast) They clicked forgot username and entered my social. They then managed to answer a security question on the very first try with zero failed attempts. It then gives them the option to simply view the username online instead of having it emailed or texted to me,so I had no notice that someone was trying to get in.They then waited until the next day and drained it at an atm in north carolina.


-Here is what I'd like to know and the warnings for others. Let's say somehow someone got my social. They would then have to know that I am a USAA customer,which they wouldn't. They would then have to know my security questions, which they wouldn't and that isn't information that is in any of my email accounts or entered elsewhere online. How could they say this wasn't an internal breach is beyond me. My email wasn't hacked on any accounts. No other logins from any unknown devices .Nothing else has been compromised, I dont get physical mail from USAA so it's not like someone stole it from my mailbox. It would have to be something internal. Most likely some shady contractor that they use. 


- Also,none of the fail-safes worked at all. I'm beyond livid and will likely be taking my business elsewhere which is a shame since we were so happy beforehand.


Has anyone else had a similar experience? I can see if someone stole a credit card number etc, however this is a little far fetched for me to believe it wasn't internal.



Something VERY similiar happened to me, except I didn't get any warnings at all!  I would have loved to have recieved a text or two.  Today I was shut out of my USAA account, turns out someone had called USAA and asked for an incease in withdrawl limits.  They cleared me out from North Carolina as well.  I was a little frantic and didn't ask very good questions on the phone, mainly wondering how my mortgage is going to go through.

Not Drained but took over 5K on the 1st attack back in July this year when USAA customer support helped the fraud folks get into the account over the phone because they forgot the security pin number, took a little over 2K in 2nd  attack just this week. I assume the hacker got in and got all mine and my wifes information. The security here at USAA is nothing. Just this week someone used my USAA credit card in NY and CA (not on-line but local purchases) on the same 3 days and no alert or auto shut down of the card took place. USAA's alert (which to be clear never happened) is to send a alert note to your cell phone app which you have to remember to look at!


latest riduculas security event was the new ATM card arrived in the mail and I called the number to activate it, the computer asked for the last 4 numbers on the card, the CVV code and then asked if I want to chnage the PIN. Think about this, no confirmation / challage of ID, I assume they go by caller ID which is so easy to fake now.


Very sad as I have been a long time member with banking and their insurance even after leaving the service. I will be starting a new account at a local bank and leaving this "should be closed down" banking insitution. Yes they give you the money back but who is paying for that? FDIC, tax payers? But who fixes the lifetime credit issue this has created? Chip card, a bad joke.


BTW - my daughter account which is separate and we do not share any information and she is married with a different last name, had her account at USAA hacked too. they took over 2K.



We appreciate you sharing your concerns in the Community. We regret to hear of your experience. USAA strives to protect our members and their financial security. I have escalated your concerns. We will work diligently to review this matter and provide a resolution.

Smilar things happened to me.



According to USAA and from me drilling them, on the night of Sept 3rd in wee hours of the morning someone recovered my user ID by using my social and answering a security question. That trust me nobody would know the answer I put. They then called on the afternoon of Sept 4th many times from different numbers not in my profile. They could only give my social, zip code (easy enough) my husband’s name and date of birth all public record info. They did not know phone password. My children's names and dates of birth. Yes, I am a woman please tell me how many women can forget their children's names and dates of birth. Trust me I am not near old enough for dementia. They did not know my own date of birth. (really does anyone not know their birthday) They did not know the number of any debit/credit cards. They were able to obtain a temporary password. They went online changed the address and ordered a ATM card with expedited service to Hollywood, FL (less than 30 minutes from Miami). Some USAA member already had this happen that lived in the Northeast and someone did a similar thing to a Miami address. USAA will not give out the address that these criminals changed the account to although it is my account. They reset the pin number for their new ATM card and was waiting its arrival today. Fortunately, I got a text about an hour after they accessed the account about possible fraud. I called USAA and they asked me if I had changed the address or logged onto the account. That was a NO! USAA was able to deactivate the ATM card to keep them from cleaning out my account this time. But what about next time. They now have checking, savings, insurance and my daughter’s college savings account info all because they had a social, zip code and husbands name and date of birth but they could not answer many other harder questions but USAA said here you go have all the info and money. I can see from the posts I am not the first victim. All I can say is I am glad I had not moved any retirement accounts to USAA or anything else they already have enough and are not acting responsibly. Know I have to deal with identity theft and them having more information then they originally had. I believe this may be the result of some kind of inside job or a third party vendor that has some of info. Hmm the mortgage was just transferred to a new servicer. USAA are you doing enough to protect your customers? By the looks of this community I don't think so.

I recently had my account drained as well, still trying to understand how someone could obtain my security questions and answers without drawing USAA attention and ESPECIALLY THE AMOUNT THAT WAS TRANSFERRED  AND WITHOUT A HOLD OR A COURTESY CALL. As an USAA Member for over 10 years we deserve explanations and a better line of security for there customers. 

Quadu - I'm sorry to hear of your experience regarding fraud. I will be glad to escalate your situation further. Please be assured you will be contacted once we've had an opportunity to review this matter further. We appreciate your time and thank you in advance for allowing us to look into this matter.

I just recently opened an account with them. My intention was to use this a savings from one of my incomes.. I had only deposited 75 dollars. Three weeks later.. which is today, I decided to set up my USAA for direct deposit.  Lo and behold, there had been a sixty dollar withdrawal from an ATM. I have not recieved my debit card yet so I was initllially wondering if my mail had been compromised. Now I am wondering if it ever got mailed out in the first place. The rep refused to confirm the address used and wants to send aother card via fed ex. At this point, I will just shut the account down. Not a good start.

I looked for this thread because this same this just happened to us yesteday! They claimed someone called in and changed the user name and password and pin. There is no way someone knew a social, a password never used on anything else, the pin, called from one of our phones (the log of which shows no such thing), ported a line that's in another family member's name, and once they got in, they had access to a lot of info! Finally was notified two days AFTER that a debit card (which we have never used in the 8 years of membership) was authorized to be mailed to another address! Click on your profile to see your driver license number in full view there too! Have absoultely loved USAA and the many products with them till now. I am convinced there are issues WITHIN USAA!

@uneedtoknow, yikes! I have located your information and will have an account expert review this further. Once the review is complete, we may conduct a follow up with you.