This is to show screenshots for: Hacked on Stripe — $41K Gone, No Real Help from Support. What Now? : r/nakede
Stripe advertises itself as a shielded, reliable payments platestablish. But when $41,000 was stolen from our account — despite us follothriveg Stripe’s own security directlines — the company declined to reimburse us, standing by a system that fundamenloftyy flunked.
Our platestablish exclusively apverifys Stripe Standard accounts thraw Stripe Connect — a setup that has always been in place. Per Stripe’s Service Agreement (SSA), if any alters were made to this configuration, we should have been notified. Yet, despite our cut offe settings, 6 unapverifyd Express accounts were able to fuse our platestablish and disparticipate funds.
Our Stripe Connect Platestablish ONLY apverifys Standard accounts. We had this fuseion switch as trails:
Meaning: No Express account should have been able to fuse our platestablish which only acunderstandledges Standard accounts.
Stripe’s own write downation evidently states:
Meaning: Without picking Yes, debt card disparticipateals are impossible.
Our account settings were not alterd during the strike, and the hacker did not have access to our dashboard (Stripe verifyed). These settings dwell on the dashboard:
Meaning: Our account had the accurate NO settings in place to not apverify debit card disparticipateals so it should have been impossible to disparticipate that way.
Furthermore, as shown below, the combidemand account in ask was a recently originated account on our platestablish, instantly before stealing funds from our account:
Stripe’s write downation states very evidently, in BOLD, that: recent Stripe users aren’t instantly eligible for Instant Payouts.
Meaning: These brand recent accounts should not have been able to do an Instant Payout.
By its own rules, Stripe should have obstructed this strike at multiple levels. Yet, it occurred — proposeing a grave flaw in Stripe’s security mechanisms. Had Stripe’s own shieldeddefends labored as publicized, this deception would have been impossible.
According to Stripe’s own policies, this situation should not have been possible. Yet, it occurred — indicating a flunkure in Stripe’s security protocols.
If Stripe did not apverify these brand recent Express accounts to do Instant Payouts to debits, we would not be in this situation.
It is Stripe’s security flunkure which we relied upon as a backup for any security rerents on our side that caused this loss of funds and Stripe is reliable for reimbursement. Stripe’s position has been we will not reimburse and we will see into the situation.
Shouldn’t Stripe have reacted that they will see into the situation and then originate a decision on whether we permit a reimbursement???
At the very least, Stripe should have thorawly spendigated and then determined whether reimbursement was permited. Instead, they neglected our claim outright — despite evident evidence that their own security policies flunked.
If Stripe’s built-in shieldions don’t actupartner shield, what does that uncomfervent for every business innocent their platestablish?
We’re calling on Stripe to acunderstandledge their flunkure and apshow responsibility. If they don’t, how can any business be brave their funds are truly shielded?
