The more I hear about it Amy the more I wonder how they can get any with it.

I hope it works out in the end.

Amy, here's something to consider:

Rent a safety deposit box from the B of A branch of your choice. Go down to the market and get a couple of good, rank fish, and maybe a good ripe bree. Put them in the box. Throw away the key.

Unless the law has changed, it takes about six months for a bank to get authorization to open a safety deposit box without the renter present.

They get away with it because corporations rule America these days and no one holds them accountable. Keep after them Amy!

I like Kirk's suggestion. Only why just stop at one branch?

The fish is tempting but would probably lay you open to civil penalties.

I think your best bet is to use your strengths - which in your case is language, writing and publication. That will also take up the least amount of your time. I'm sure you are already publishing this story as widely as you can.

Could you get on a TV show to tell your story? If you keep shouting, surely some investigative journalist will pick it up? They could try getting money out - say from the BoA's president's account - and report their findings.

In fact, there's a TV program in the UK called "Hustle" or something, where they do just that sort of thing. If you like I could track them down.

Thanks but they are refusing to have me as a customer as of the end of July, and my goal, overall, isn't to be a nuisance for the employees at a branch, but to expose the bank overall. I keep blogging about this, despite my worry that some of you are sick of this, for the same reason I keep asking people I meet whether they bank at BofA and telling them my story: because I think people have a right to know my experience of the reality of their "security measures."

Little by little, I pursue this on many angles. Of course, I had to write a letter the other day for my agent to file for a formal extension on my book -- after hearing my story, she was shocked, and is considering freezing her credit (she doesn't bank at BofA, so there was no bank to leave).

Oh, and you have to love the bank's attempts to silence me. Nereida Claudius of the bank, the only person they will allow to have contact with me, e-mailed me that they consider this matter closed. Well, how lovely for them.

Of course, when she woke up on Tuesday, the matter was in my column in the Orange County Register, and will be in papers across the country throughout the month. (scroll down, second question)

http://www.ocregister.com/articles/sex-woman-relationship-2093738-women-lots

Did they think I was just going to take a head pat and go away?

And yes, I'm working to expose this on other levels.

You have a right to be pissed about the identity theft, I'm currently leaving bank of America partly cause of their stupidity in not perusing this. However the thief did not steal your money it stole BofA money.

As far as the rank fish and brie. If you want to hide it in Kenny Lewis's car I'd say go for it. He's actually responsible for all the stupid.

I'm still trying to figure out what the rationale for the policy they are using is. Large corporations are not stupid (cruel and self serving yes) so why would they be so happy with hemoraginging all this money?

The thief has taken my time and will take more of my time, and my peace of mind, and has taken a month out of my book.

Just reread above. Could you imagine if, after a life of paying your bills on time and being careful driving because you are terrified of hurting another person, and trying to be a quiet good neighbor, you are in danger of arrest because some bank never stopped a thief...seven times...when they could've if they'd had the most minimum security measures in place?

And could you imagine worrying all the time that there's something in your name that you have yet to find out about? I used to love getting my mail. Now I dread it. What's next, some electric bill somewhere, some rental in my name that's gone unpaid? Some account I forgot I had and had closed that they'll let the thief open?

The amount of time I've spent on this, and the amount of worry, is just disgusting. Just this blog item kept me from going to sleep last night when I need to work with my assistant from 10 to 2, and need to have stuff written before. But, I just must expose this stuff. It's so wrong that they advertise that they are safe and then, in practice, this is the reality.

Oh yeah, and I have an idea of the rationale behind their policy and I am working on exposing it.

Finally, I guess it's the little midwestern girl in me coming out, with my sense of fairness and justice, and a sense of how people should treat each other: I just don't understand how individual employees can be representatives of a bank that behaves this way and still sleep nights.

Oh, and hilariously, Nereida Claudius, who works for the bank in executive customer service in "the office of the chairman," sends me FedExes from Tampa and has a fax number in Seattle. Of course, being me, I know exactly where she lives, and even have her home phone number. I'm not calling it, despite the fact that she refuses to call me back and will only deal with me via e-mail. But, I wonder if all the hiding is due to the way they treat customers. I mean, if you're not doing anything wrong, why do you have to cloak where your place of business is located?

Amy -

Unless BofA didn't refund your money, I can't agree with your grudge on this one. BofA is under no obligation to permit viewing of their private security tapes. If you really want to see them, you can always sue and then request the tapes as part of your discovery.

Otherwise, it seems that outside of the time it took you to report the case and for BofA to refund your money, you haven't really lost anything. Nowhere have you suggested that BofA was negligent in crediting your account upon notice.

So, what's the beef? That they claim to be "secure" but you still got boned? Isn't it possible that you just fell into that unfortunate margin of error? Do we know that BofA is somehow behind the industry on security?

You were wronged. You were made whole. Without more, I'm not buying it.

Snake, you're absolutely off-base on this. Had they done any sort of verification of these women, and had they cleverly passed -- say, that they had stolen my purse and gotten my card and held me at gunpoint and had my PIN...that would be an entirely different story.

Banks have a fiduciary duty to guard their customers' money, and if you knew your bank would give your money to just anyone who walked in off the street with a fake California driver's license with the wrong expiration date and nothing more...would you still bank there?

Had they done the most minimum checking -- the way Macy's did when one of these women tried to reopen my account there, and said no way -- it's likely these women would have been caught and jailed.

Had this happened one time, I'd say it's one dumb teller. The fact that it happened seven times over one statement period, in places I never go, plus I never go to teller windows and never withdraw large sums of cash because I pay for everything on a single credit card and transfer money from my bank account every month...that suggests that this is not an anomaly, their level of negligence, but business as usual.

Again, my time that I continue to spend is connected to their not doing any verification before giving out my money.

Furthermore, they owe me all transactions and materials under Fair Credit, I believe.

I'm not "made whole." I have, for example, to write letters to the credit bureaus to get the credit applications removed. Again, had they stopped these women by verifying identity with more than the hope that they were me, I wouldn't be going through all this. Just switching banks when I have a book due is a major endeavor.

I couldn't get the letter of fraud from them in a speedy manner, another example...necessary because you have the best shot at catching a criminal if you do it right away.

I have example after example after example. Frankly, I'm shocked that you think I'm "made whole." Anything but.

Furthermore, my concern isn't just me, it's that this can probably happen to anybody who banks at BofA. This should be exposed, and on a national level, and they should be made to pay for making their customers bear the burden here.

"Banks have a fiduciary duty to guard their customers' money"

*You mean the money you still have? The lost $12,000 that BofA has shouldered?

"I'm not "made whole." I have, for example, to write letters to the credit bureaus to get the credit applications removed."

*How is BofA responsible for the attempted credit hijacking at Target and Macy's?

"The fact that it happened seven times over one statement period, in places I never go"

*IMO, this is the only real argument here - that BofA SHOULD have known better. But its entirely likely that the perps targeted branches known for lax security (or perhaps cooperative insiders). We're not dealing with FBI-like security measures. And again, I reiterate - even if BofA was negligent in not acting preemptively - you suffered no damages (well, no legaly cognizable ones anyway) because you still have your money.

It seems to me that most of the time you've "lost" has been invested in your attempts at private law-enforcement. Noble, but entirely of your own choosing.

"Banks have a fiduciary duty to guard their customers' money," They did not give your money to someone else. I'm normally in agreement with but since they placed the money back in your account they don't' really owe you anything. No you don't know where your identity was stolen from so you can't be sure it had anything to do with Bank of America.

I'm thinking it was hacked from some computer system not by an insider, otherwise they would not have had the wrong expiration date. Anyones identity can be stolen with little or no fault from any one. There is no (I'm using the absolute here) system any where on this planet that is 100 percent secure. If there is any possibility for remote access then the system is vulnerable. Some failed CS major with a self serving attitude and a grudge can find some supper obscure hole in any system.

Look at it from a greed perspective. Your a crack computer wiz with a strong anti-establishment streak (quite common) and don't really care about anyone but your self (not as common). You can make a hell of a lot more money committing identity theft than preventing it. Until you get caught but most of these people are so arrogant that they are sure that they will never be caught.

And as for this -

"Meanwhile, I've demanded to get the information about every person at the bank who electronically accessed my account because I want to know if that was the source of the data leak. You'd think Bank of America, with all they've let happen to me, would be bending over like limbo dancers to get me what I ask for -- the electronic account data, and the copies of my signature I've asked for as well, so I could see whether the thieves managed to forge some facsimile of mine. So far, no dice. Can you believe this?!"

Amy, banks would be crazy to voluntarily disclose the results of internal investigations. If the evidence suggested one or more parties' guilt, that person could then pursue a defamation claim against BofA for impugning their character. Such internal data would also increase the likelihood of class actions against the bank - which typically only benefits the class lawyers. Again, I say - you have no legal right to these documents unless you have requested them as part of a pending action against BofA.

Because I guard my information like few people do, and because I have investigated this (after giving BofA my updated driver's license info on April 2 - the fraud started on the 14th)...I actually have reason to look into whether the data breach came out of Bank of America. They are not allowing me to do this, surprise, surprise.

The combination of information the thief had - driver's license #, social security number, birthdate, checking and savings account numbers -- is a combination that would have been held by the bank. DMV does not have my bank account numbers. My auto insurer doesn't have my bank account or social security numbers. The Franchise Tax Board does not have my driver's license number. Bank of America is a place that all of this information is held.

Bank of America is bragging to the media that they have "multiple layers of security." They don't mention whether or not they are actually in place and/or used. The level of security I experienced multiple times suggests their advertising is bullshit and that they may find it cheaper to let their customers be violated than to protect those customers' accounts.

Amy, banks would be crazy to voluntarily disclose the results of internal investigations. If the evidence suggested one or more parties' guilt, that person could then pursue a defamation claim against BofA for impugning their character. Such internal data would also increase the likelihood of class actions against the bank - which typically only benefits the class lawyers. Again, I say - you have no legal right to these documents unless you have requested them as part of a pending action against BofA.

Why should I have to pay to bring an action against them? They were negligent, they owe me. Furthermore, they could do this in such a way that the person's identity is not revealed: "X Doe, janitor" for example, and explain what that person was doing accessing my account on that particular day. I'm not calling the bank all the time. Employees should not be peering into my record.

Snake, somebody sure made you a nice big pot of Kool-Aid this morning.

"because you have the best shot at catching a criminal if you do it right away." No your best chance of catching a criminal is when he doesn't know your looking. False sense of security helps law enforcement more than any profilers or tech ever could.

It's probable that now the person that has your ID actually knows what you look like. Do a google search on your name with bank of America and now they have your column header. Now next time they pull money out of your account they can now look like you and thus even picture ID cards won't be much help.

BoA doesn't care about your money specifically and the pauper that raided your account, nor should they (hear me out). They want to get to the bottom of where this information is leaking from and how the fake cards (drivers license) are produced. As far as justice served, catching the ring leaders and locking away or shooting them would be far more benificail for all than your particular thief getting a slap on the wrist. Which is all she's going to get as she plays the poor down trodden card.

BTW what's you personal opinion of why they have their policies regarding this?

"Why should I have to pay to bring an action against them?"

Because you want something from them for which you have no legal right, absent a suit.

"they were negligent, they owe me."

Owe you what? Once again - upon notification, the bank credited your account.

If you think a BofA security breach led to the attempted credit attacks at Target and Macy's - what damages did you incur there? The time it took to contact the three major credit reporting agencies? I had to do this once - all told, it took about 90 minutes of my life. Annoying, but hardly actionable.

Emotional distress claims look good on TV, but they rarely go anywhere in real life unless caused by a serious physical injury.

Kool-aid notwithstanding, hurt feelings do not a cause of action make.

"Furthermore, they could do this in such a way that the person's identity is not revealed: "X Doe, janitor" for example, and explain what that person was doing accessing my account on that particular day." If you don't know who did it then what value would this be to you?

I understand you indigantion at how you are being treated but your requests are unreasonable. They will not surrender internal audits because A) anti defamation suite B) then everyone knows how the bank operates and who access what when (huge security risk) C) You will put your self at risk by using the information D) They are now open to all sorts of goofy class action suites with no benefit for them or you. They returned your money and would likely have paid for 1 year of credit monitoring for you just to avoid this mess. Once you dive for the jugular they have no reason to help you beyond what is required by law (returning your money).

"Keep defending the bank if you want. I'm guessing you don't bank there." Yes I do and haven't had an problems yet. I'm not defending the bank, I'm disagreeing with you expectations of their response. Firing you as a customer is hugely bad move on their part for several reasons.

I read the OC register article. The comments are pretty negative - is that typical?

One found the headline ("If you're gay, don't date the straight dude") offensive for some unknown reason. Was it the use of the word "gay?" Or "dude?" Or the rhyming of "date" and "straight?" We'll never know.

Another one says, "Amy unless you direct them as to what God wants them to be doing in their life, I have to say that you are NOT qualified to give this type of advice." I'm guessing the god in question is Jehovah, about whom the less said the better.

I hope you get better responses elsewhere!

Snakeman, you've got to be kidding me! This problem didn't end with the $12,000. It's been an ongoing nightmare for Amy. She is right to hold them accountable.

This attitude you're displaying is exactly why businesses -- and you've no choice but to do business with businesses especially some financial institute unless you want to literally crawl off into a cave somewhere and live off the land which tends to make people Unibomberish -- get away with not properly safeguarding their customer's interests.

Businesses today don't give a flying fuck if they even please a customer or not let alone act responsibly in providing goods and services they advertise. They leave us with no protection but to sue then complain about "frivoulous" lawsuits when we do and keep them tied up in court so long (if they really were frivilous it wouldn't take long to defend against them). No, they need to be held accountable and if more Americans were like Amy instead of rolling over and playing dead on cue, maybe we really could put some faith in the companies we do business with in good faith.

And before you cry everyone would be bitching if they didn't make it that easy to withdraw cash, they could still have a policy in place that you had to have your ID and your PIN or something and everyone who complained about the inconvenience of it could be given an offer with a big, friendly customer service smile to forego the protection by signing a waiver as long as they understand that the bank isn't liable if they do. Instead of advertising layers of protection then behaving as BofA did in this instance, for example.

Beyond the identity theft, there is how they treated her afterwards. Of course, she's upset. Who wouldn't be? Even if you were to argue her anger was misplaced (and frankly I don't agree, they should have safeguarded the money she put in their bank for safekeeping, the service she bought from them, better), good customer service should -- and unfortunately never does anymore -- dictate patience and diplomacy with a customer upset by the mishandling.

It's ridiculous how you can't get any half-way decent service any more. I still haven't found a doctor to make an appointment with because even though I went to my health insurance website and did a physician search, every time I call a name (my standards getting ever lower and lower as I go down the list), they turn out to be a specialist instead of the primary care physician they're listed under. When I called the 800 number to ask a question that did not call for my personal information (keep in mind that identity theft is a problem these days and also so is every little thing you do being tracked so they can label you trouble maker for asking perfectly legitimate questions) they would not answer it without my name and card number (the question was what do I pay if I go out of network) and when I said Madam X 55555555, they called me a liar (obviously) and hung up on me saying they didn't have to answer any question without my information. I called back and said I was comparing health insurances before my employer's open enrollment period and making a choice and got the answer in a hot minute. Now there's no reason they couldn't have answered that without tracking me and there's no reason, their participating physician list shouldn't be better compiled. But, no, because of assholes who think it's okay to settle for surly customer service, we have no "right" to expect better.

My health insurance worries don't even begin to compare with Amy's banking problems. Nowhere near. (BTW, did you miss the part where the health insurance coverage she's carefully and responsibly maintained all these years has been jeopardized by this; hopefully, she'll be able to get it covered and not have a break but if she has a break in coverage and is injured or falls ill in that gap is BofA gonna pick up what her insurance refuses to?) And I'm frustrated as hell. My doctor retired. I've been sick a bit lately and my employer has come down on me for using sick leave. I not only really do need to get a checkup but need to file something on my health or else they're going to not let me use my sick leave (a job benefit I took this job for, aargh, because I have been sickly since an operation 4 years ago, sickly but not disabled and not to the point of dipping below my sick leave accumulation).

I'm losing sleep over worrying about finding a doc (the answer to that question was more money than I've got; they way won't pay for out of network; I may be switching during open enrollment though that isn't really until fall) so I can only begin to imagine what Amy's going through. I don't know (and it's none of my business) her finances but $12,000 is a rather big hit initially and all they've paid back. There's possible further financial loss that luckily she's so far been able to prevent, there's loss of her time (which is worth money), including delaying her book release and there's the worry of this person who looks nothing like her committing a serious crime she could be accused of and have to then straighten out when if they had been vigilant, this crook could indeed have been stopped at the first branch entered. Not to mention, given all those coincidences and their overly defensive behavior (actually going so far as to add insult to injury by closing her accounts!!?? By you, this is okay? Are you Nereidi Claudius?) that it seems more likely than not that this was an inside job, perhaps one of their employees working in cahoots with the fat toothless black lady or one of her cohorts.

No, snakeman, you're wrong. Legally I don't know but morally definitely. The reason we can't trust businesses we're forced to is because of this attitude that somehow it's our own fault when they screw up and if we demand better service, we're crazy. It's what is allowing BofA to act this way and it's what is allowing my health insurance provider to blow off my questions and make it difficult for me to use something I desperately need to.

We need more like Amy who say I'm not going to take this and less like you who roll over and say oh, honey, it's not your fault, you couldn't help yourself after being ass-raped and opening wide so they can ram it down your throat too.

Amy, you go, girl! It is doing me good to see that I'm not the only one who will stand up and fight for what's right.

Amy, I'm curious. Has the recent negative publicity you've given them (free of charge) availed you anything? Satisfaction? Apology? Restitution?

Vlad snake have you two not been paying attention? I’m not sure how a fat black woman with missing teeth could change to look like our lovely columnist here. Its not like the person didn’t have the option of googling “Amy Alkon” to know what she looked like before the began stealing her money so her spreading the word doesn’t hurt. Further, while the bank has replaced Amy’s money the attitude of its employees and the attempts to stonewall the investigation mitigate any “whole” feeling Amy might have gotten. To add insult to injury they’re now firing her as a customer, basically saying “We can’t keep your money safe take it elsewhere because we’re not willing to protect you.”
Keep your money at BofA vlad I’m sure nothing bad will happen to you…

I’ve been sharing this story with my friend Jenn who banks with BofA, much like vlad she blamed the victim (Amy) and claimed her money was safe. We decided to test the system. Jenn* gave me her account number and her drivers license. We look nothing alike. I’ve got about five inches and forty pound on Jenn; my hair is brown while she’s a blond bomb shell with a nose out of this world. Like Amy, Jenn only makes infrequent ATM withdrawals for minimal amounts ($100 - $200). Wednesday I was in another town for business and walked into a local BofA to see if I could withdraw money from Jenn’s account, I told them “my” account number asked for $500 and handed them her license. A few taps latter I was told the available balance was $398 because it looked like my mortgage with country wide had just gone through and would I like to take the $398? I took $300 signed and walked out. Needless to say, Jenn is closing her account as I type and moving to a local credit union. Here’s the best part, as I’m standing waiting for the money my phone rings, I answer “This is Carrie*” the bitch on the other side didn’t even blink. Granted I had a valid drivers license and account number but neither of those things belonged to me and I DON’T MATCH THE PICTURE AT ALL!!!! I was in a town the account owners wouldn’t go to and I broke the ATM pattern as well as the typical amount. Further, I now know that they had mortgage, who they have it with and when the payments (and amount) is due.

Amy’s case obviously isn’t an isolated case and as frequent readers of this blog (I’ve seen both Vald and Snake comment before) you should know that Amy’s not going to bend over and ask for more. Would you prefer she kept this information to herself? I personally am glad she’s a bulldog and isn’t going to let them get away with this shit. And no Amy, you’re not boring me with this; I want to know what’s happening! I find it disgusting that you would defend the bank and bait Amy (when she has better things to be doing) when, as Amy said, the bank is guilt of “flagrant negligence”.

*names changed :)

Exactly T's Grammy!!!

p.s. Whoo hooo Amy first time I've been able to comment without getting drop kicked as spam!! Thanks!

"Further, while the bank has replaced Amy’s money the attitude of its employees and the attempts to stonewall the investigation mitigate any “whole” feeling Amy might have gotten."

*Ugh. "Feelings" are not actionable. And Amy's "investigation" is an entirely private enterprise for which BofA is under no obligation to assist.

"To add insult to injury they’re now firing her as a customer, basically saying 'We can’t keep your money safe take it elsewhere because we’re not willing to protect you.'"

*I would fire anyone as a client whose patronage incurred for me more risk than reward. In fact, I liberally refuse to represent clients when the cost of taking on their matter will outweigh my compensation. All businesses should.

I'm not blaming Amy for anything. She certainly didn't invite the intrusion. And she's perfectly free to publicize BofA's security deficiencies. In fact, I encourage her to do so. But her justified complaints end there. She's not entitled to their security tapes, or further recompense. Frankly, if I were wrong, there would be a horde of contingency lawyers eager to take her case for no money down.

I just had to pull a large sum of money out of my account. The tellers know me and they still require an active card (had to swipe) and my pin. Though they did not check my ID. Every BoA I have ever gone to required you to swipe your card. Now their customer service sucks thats why I'm looking at changing banks. When you leave the manger usually asks why. I'll be sure to mention your case as part of my complaint.

"Legally I don't know but morally definitely." If I'm not legally required to help you and you piss me off I'm not likely to help you. I'm not defending the banks behavior I'm just not sure what Amy is going for with the bank. They are meeting their requirement under the law, everything beyond that is up to the bank manager so long as they are within policy.

Amy you have every right to be pissed I'm just trying to understand your approach for restitution. What are you looking for from BoA? An apology wouldn't suite you. Telling you how and when the beefed up security would be fruitless and detrimental.

"It is doing me good to see that I'm not the only one who will stand up and fight for what's right." I agree but I'm not seeing the current approach as bearing fruit. You want them to hurt then make a huge dedication on the inside cover to Bank of America. Thank them for helping you get the book out a month late and the sleepless nights they have caused you. Then when the book sells BoA gets a huge fuck you in print and int the library of congress. If they are stupid enough to sue you for slander then ride the little bastards all the was home courtesy of the ACLU.

"And I'd likely know where the information on those ID's came from." There is not reason to think that, these idiots who stole the money have the slightest idea where it came from. If you know the right people you can simply buy an identity on the street. She could have easily bought the thing Coco the corner pimp and identity provider.

Actually, Vlad, I really can't participate well in this discussion now, as I'm working with my assistant now, and we have limited time, but I am unlike most people in the way I guard my personal information:

Write checks to only a handful of people in my life who I've known for years: my assistant, my landlord, my French teacher, my masseuse, and then pay for a couple other things, rarely, with it.

Pay for everything on my credit card, including phone bill, etc.. Don't use debit cards. Get only magazines at home, and in another name, not my name. Get my mail in a locked box in a business center where I've known the guys for years, and where they guard me and my privacy.

I don't use those grocery store savings cards in my own name. I get them as Mrs. Klaus, Elf's Ass Lane, etc.

Where most people cannot easily trace who gave out their information, I am not most people, and have investigated this already with my auto insurer, etc.

I want Bank of America, first and foremost, to install security measures immediately -- to fix whatever allowed them to do this to me.

And according to Mari Frank, they owe me, under the law, every bit of paperwork and information related to the fraud. She knows this shit -- she helped write the law on it (in California, I believe).

Snake - the point you are missing here is this - and THIS is what the bank is on the hook for:

The continued use of the false identification is being facilitated by BoA's unwillingness to cooperate with Amy or law enforcement.

There may come a time where someone commits a crime and is found with that false identification on them. They then end up entered into NCIC under the name Amy Alkon, with her driver's license number, and possibly her SSN.

They skip bail, and Amy finds herself on the inside of a cell looking out - because all the information from "trusted sources" (i.e. the SSN) match her.

Sure, she'll probably get out in a few days.

So you'd probably consider that no big deal then. After all, it's not like she's doing 10-20 in San Quentin for someone else's murder, right?

"The continued use of the false identification is being facilitated by BoA's unwillingness to cooperate with Amy or law enforcement." Did I miss something. I know they are not cooperating with Amy's investigation. If they are failing to cooperate with law enforcement then fry the bastards hard and long. A lawyer should be willing to take the case as there would be heavy restitution. I'm surprised that Mari Frank won't take the case to help enforce the law she wrote.

As of the last thread on this subject, Vlad, Amy said that she inquired with the police and they'd heard nothing from BoA.

It is in BoA's best interests to keep this hush-hush. The last time someone went public with bad news about a bank, they got run (IndyMac).

Getting the cops involved gets it in the paper.

The police get hundreds and hundreds of these cases a week. They pursue almost none of them. There's a reason this one is being pursued at all, and it's because I asked a detective downtown for advice on how to inspire one of the detectives in the identity theft/fraud division into seeing that my case was different from the rest, more solvable, and that I was an involved victim who would help the police pursue the thieves.

I have done a good deal of legwork on this; for example, getting Target's credit division to go into their archives -- which they can't just do in five minutes; they have to file a request. I got all the information I could to help the police: The store where the ap was made, the exact time, finding out whether their systems were on Pacific time or central time, and more.

BofA allowed me to be victimized, and in a way that's repeatedly and flagrantly contrary to their brags about "multiple layers of security," and they aren't allowing me the information I need to protect myself in the wake of their negligence: tape of the thief.

And this, when Whole Foods' releasing of the tape of my hit-and-run driver led to my getting the police on the guy and eventually getting him prosecuted. My motivation there was similar: Right a wrong done to me, and prevent other people from being endangered. Not only did I track the guy and make the police pay attention when the cop I brought it too was very underinterested, I wrote a letter to the prosecutor to persuade him to bring the case before a judge. P.S. The judge thanked me from the bench afterward, and said without me, the guy would not have been brought to justice.

Another word on law enforcement: There are many good cops out there, and I appreciate them for putting themselves in harm's way and protecting us. That said, the police in general are overburdened, and and while I have a super-sharp friend who's a detective, not all cops are as excellent as she is or as motivated. And certainly, it's going to be the rare cop who's going to go out of their way like I will to pursue these thieves. I'm just one of numerous victims they have to deal with.

If ever you've been a victim of a crime, I'm guessing you have some experience with what I'm talking about.

Never assume that anybody but you is going to care about your case like you would.

Hmm. Get your money back, and you're "whole"?

Hey, I know that the law says things that are often different from public expectation, but this is just sick.

Let's have a story: "I plan to murder and rape, sometimes not in that order, dozens of people, jaywalk, defraud investors, and feed transfat-laden food to family members while subjecting them to secondhand smoke, all the while driving a Hummer (the BIG one, baby!) back and forth to work 50 miles each way because I like the stereo and I can afford it. In the yard, I'm dumping old motor oil and venting R22 Freon to the atmosphere because I can sell the copper scrap from old refrigerators; I dispose of the refrigerators by dumping them in the river. It's a hobby of mine. While I'm there, I'll shoot that eagle bothering me, with lead shot. When I get back, I'm putting out a sponge soaked in bacon grease and a bowl of antifreeze for that nasty neighbor's dog. Groping my co-workers in the elevator at work, I will proceed to my workstation and surf the Internet all day via a copy of Virtual PC, registered to another person. Using your ID, carefully (not too tough after Bank of America gave me what I needed), I will hack into the uncontrolled no-fly database under the supposed control of the Transportation Security Administration and un-link your personal information from the report, mixing it with others, possibly a hundred people. In the details I provide, you will become a child molester currently in custody in Leavenworth, Kansas while I become Larry King. Not that one.

Your ID will be on the blotters of police departments across the country, which are not now linked to exchange other than emergent information. You get stopped for an extinguished taillight and arrested while you are passing through Brawley, CA, a location without the means to re-identify you by any advanced means. While you're waiting, the other inmates congratulate you on your career as a child molester. The local TV news puts your picture on the screen, with the caption, "Child Molester Arrested Again". They don't put out that it was for a traffic ticket. They don't have to.

Days pass. Healing in the hospital, you note with dismay that the same local TV station is not interested in publishing your picture to let everyone know you were cleared, and upon being stopped for a DUI-check roadblock in Merced, CA you discover that the police there have all sorts of energy for apprehending criminals, but it is someone else's job to correct the database, which still identifies you as a criminal. Go back to jail. Go back to the hospital. I'll be having a steak and beer at your expense. Oh, right. The bank's expense, because they'll 'make you whole'."

Read the Wikipedia report on ID theft: the most effective way to avoid identity theft is to not be identified. The more effectively you are identified, the less capable you are of defending yourself from a professional - including law enforcement - who needs a loser to stand in for him.

Don't be that loser.

It costs so much to recover ID because it's not an easy, package deal. It's like telling the movers you have six houses, and they have to figure out what the addresses are before they go get your stuff. Gee, I sense an analogy here: any moving company would jump at the chance to move six houses' worth of stuff...

Don't think for a minute that someone else is going to retrieve your identity for you.

"Whole"? Ridiculous. Hey, if a rapist pays for the abortion, no harm done, huh?

Rad - yawn. Gimme a break.

He's absolutely right. And read "Carrie" and "Jenn's" test above. Jenn was a skeptic, too -- as I surely would've been before it happened to me or I heard how little security or verification was involved in letting thieves remove money from an account SEVEN times.

Do you think what's happened to me is an anomaly?...or that maybe many, many other people haven't had it happen to them for this reason alone: nobody's tried.

Amy, you're combining scenarios. Carrie and Jenn's test is a lesson about lax bank tellers - the part of your story I continue to encourage you to publicize. Information like that is good for the marketplace. However, it does not involve Rad's paranoid worst-case scenario.

The mere possibility of injury does not create a loss that merits recompense. A true loss looks like this: 1) someone at BofA hawks Amy's information to Perp, 2) Perp successfully uses Amy's information at Target and Macy's, and 3) screwing up Amy's credit, health insurance, getting her thrown in jail on someone else's crime, etc., thus causing an actual loss that merits redress.

2) and 3) haven't happened yet. (Indeed, we don't even know that the Target/Macy's perp and the BofA perp are one and the same). Nor does your worrying about whether it might happen change that fact (or more accurately, absence of fact).

If that IS the story, then why do we keep talking about Target, Macy's, and the possibility of someone else's jail time?

Now we're throwing your IRA mess at this? So its really three grievances - 1) IRA contribution error, 2) lax teller handing out your money, and 3) the possible ramifications of the suspected transfer of your identity to misanthropes. Tell me again that you're not combining issues.

Unless the story is simply about why BofA sucks. In which case, you've just compiled a thorough list of indicia compelling readers not to bank at BofA. No argument.

But you still haven't made out a single claim entitling you to more than your $12,000 (plus lost interest for the days the cash wasn't in your account - something I bet BofA automatically credited to you).

Caveat - well, actually, the IRA fuck-up could conceivably entitle you to the present-day cash value of your lost year's tax deduction. Did you pursue this?

Snakeman -

Let me lay this out for you in terms anyone should be able to easily understand. Let me also add the disclaimer that I am not a lawyer or legal professional, but I have a more than trivial understanding of the laws concerning safeguarding of proprietary information.

The bank, as a regulated institution, has a fiduciary duty to its customers. In addition, they are required by law to possess certain personally identifiable information (PII). They are also required by (different) law to safeguard said PII.

The reason for Amy mentioning all the issues you accuse her of "combining" is simply a presentation of evidence that the sum of her PII was released into the wild. There are only two ways that this is likely to have happened - someone has been gathering information about Amy one piece at a time from various compromised sources, or someone who had all that information in one place let it out. I submit to you that the former is vanishingly improbable, which leaves the latter.

The IRA incident is mentioned because that is the point in time at which BoA came into possession of Amy's driver's license.

Now, about that simple explanation:

If a regulated organization has a fiduciary responsibility to you and they have information that would allow someone to violate your financial integrity, that fiduciary duty extends to protecting said information.

In addition, the law allows for criminal and civil sanction for persons and organizations that through intent or negligence allow such violations to occur.

Therefore, Amy need to prove such negligence occurred, and if she prevails in court, she IS entitled to financial compensation (in the form of compensatory and punitive damages) on the basis of the violation. Compensatory damages can include time lost, wages lost, mental anguish, etc. Punitive damages are just that - punitive.

Where this all falls apart for Amy is that any investigation into the data leak cannot begin without the bank explicitly stating that she's been a victim of fraud. But since that investigation will almost certainly lead back to BoA, they aren't going to give her that letter.

So without the compulsion of a subpoena, Amy is unlikely to stop being victimized.

But you still haven't made out a single claim entitling you to more than your $12,000 (plus lost interest for the days the cash wasn't in your account - something I bet BofA automatically credited to you).

Lemme tell you something. The time I've spent on this has been due to BofA stonewalling me almost every step of the way and not allowing me the video that I am actually allowed by law. I got the Federal affidavit form last night (when I was awake worrying at 3:30 am) online, and I'm going to send them the documents I got from Mari Frank's book via certified mail and demand the video and all other documentation related to the fraud, as I am allowed BY LAW. The fact that they keep refusing me this stuff and I am forced to spend more time and put a packet together and send it certified mail doesn't mean they are right to do so. They are PREVENTING ME from protecting myself -- my identity, my clean record, and so much more.

Furthermore, I had a choice at the beginning of this, and I knew it. My best shot of getting a settlement out of this bank -- and Mari Frank apparently gets people huge settlements without going to trial -- would have been to shut up about it, and tell them I'd gotten this media outlet or that media outlet interested. Mari told me they typically have you sign a confidentiality agreement in exchange for settling with you in regard to their negligence. Well, that would mean that I'd make out financially, but the price of my silence would be letting lots of other BofA customers and potential customers be in what I perceive to be harm's way.

I feel it's essential that I let as many people know as possible about my experience so they can decide for themselves whether they think this reflects some wild anomaly (...seven times!) or whether they feel their account is or would be at risk at this bank.

And Brian is exactly right above. And thank you for that. I've got a lot of water to carry these days, and any help I can get on that end is appreciated.

Please, everybody, spread the word to people you know who bank at Bank of America. I'm guessing people do not keep their money there thinking their account could be violated as easily as mine was, by a thief with a fake driver's license in my name with the wrong expiration date, and who was not made to punch in a PIN number, and whose signature was not verified to be mine, yet who was given my money SEVEN TIMES.

Snake, do you expect this from your bank? Do you not understand a bank's fiduciary duty to its customers?

I'll explain this another way: If the thief had been a master signature forger who robbed me at gunpoint, then took my my license and bankcard and another form of ID, pistol-whipped me into giving her my PIN, tied me up in a shed so I couldn't report the theft, and had then gone to a Hollywood makeup artist to be made to look just like me, and then had then gone to Bank of America and withdrawn money from my account, this would be a non-story in my mind...just one of those shitty things that happens. I sure wouldn't have blamed the bank in light of somebody doing a really good job to collect my real ID and go in and fool them. Then they'd be the victim, too, not the enabler and, in that, the co-perpetrator.

But that wasn't the case, was it?

I have an extremely strong sense of justice, and the way they advertise their "security" contrasted with my experience of the reality of it, boils me to my core. I will use every means legally available to me to go after them, even if I don't have the cash to bring suit against them.

FYI, if I were all about money, I'd be writing advertising or sitcoms and making piles more than I do. I want to earn a really good living, and do just fine now, but it means more to me to do what I do: to have a job where I make a difference using an ability I have to reason, research, write, and be funny. I can't tell you what it means to me when I get letters telling me I've helped somebody, especially from young girls I've advised in how to stop being doormats and to build a self instead of thinking a guy is a shortcut.

"Rad - yawn. Gimme a break."

Nope. Your assertion is apparently that money back = responsibility fulfilled.

Clearly nonsense. Sorry you tired before you got that far. You should be more concerned, IMHO, because you probably look more like the average perp than our Miss Blazing Wite-Out.

Brian, thank you for making my point for me. You almost got it right when you said "Amy need to prove such negligence occurred, and if she prevails in court, she IS entitled to financial compensation (in the form of compensatory and punitive damages) on the basis of the violation. Compensatory damages can include time lost, wages lost, mental anguish, etc. Punitive damages are just that - punitive."

You should have said " . . . and if she prevails in court she IS entitled to *whatever monetary damages she can prove were reasonably forseeable and unavaoidable.*" Sorry, but "mental anguish" and "time lost" do not become measurements of damage without an actual personal (physical) injury. Punitives are also not awarded in typical negligence actions. They require a showing that BofA acted in a manner that was "willful, wanton, or malicious." This is my point - I'm not saying BofA wasn't negligent. I'm saying that Amy has virtually no redressable damages to speak of. But hey, don't believe me. Ask a plaintiff's lawyer. Hell, ask a dozen of them. If there is any significant recovery to be had, I'm sure at least one would jump at the case.

"So without the compulsion of a subpoena, Amy is unlikely to stop being victimized."

*Ding! Ding! Exactly what I've been saying. If Amy thinks BofA's negligence has caused her damage, she is free to sue and request anything she wants via a legal document production request. Plaintiffs do it all the time.

"The time I've spent on this has been due to BofA stonewalling me almost every step of the way and not allowing me the video that I am actually allowed by law."

*And which law would that be? I don't think Fair Credit Act includes security camera footage. But hey, if they are willing to provide it in response to your letter, by all means.

"They are PREVENTING ME from protecting myself -- my identity, my clean record, and so much more."

*They are preventing you from changing banks? From filing a police report? From contacting the credit reporting agencies? From changing your driver's license number?

Or are they just not cooperating with your private investigation?

"Snake, do you expect this from your bank? Do you not understand a bank's fiduciary duty to its customers?"

*OK, one more time - a breach (which I have never disputed) is not enough. You need to be damaged. You haven't been. You got your money back. I know, I know, but what about all the "time lost" and "worry?" Tell you what - total it all up and parse it out into the following categories - 1) time spent getting your $12,000 back, 2) time spent protecting your credit and identity after hearing from Macy's and Target, and 3) time spent pursuing the perp.

BofA is arguably responsible for 1). Now, how much do you think that's worth? How long were you inconvenienced by that element alone?

BofA is PERHAPS responsible for 2). This is a fact you would need to prove at trial before you could even quantify this damage.

3) is a course of action entirely of your own choosing.

Snake - you're quite wrong.

And lawyers don't just magically "jump" on cases out of an extended sense of justice, and they don't often take cases on spec. And they certainly aren't going to do something like this pro bono.

The first issue here is the (potential) violation of the Privacy Act and other applicable acts. See, when you have financial data, you are REQUIRED BY LAW TO PROTECT IT. If you as a financial institution have an employee that is compromising that information, YOU ARE LIABLE FOR THAT EMPLOYEE'S VIOLATIONS OF APPLICABLE LAW.

Amy's supposition (which the bank is doing everything in their power to obstruct her gaining evidence of) is that the bank failed in its duty to safeguard her personal information.

The second issue is the ongoing reputational damage to Amy's credit history. Every time someone applies for a card, it shows up on her credit history, and it lowers her credit score. This can have a long-term financial impact on Amy, should she decide to finance a new Honda or a house.

The third issue is the potential reputational harm from someone violating criminal statutes while impersonating her.

These are all actionable. And they all stem from the negligent act on the part of the bank.

When it comes to financial activity, snake, malicious intent is not required for there to be criminal sanction. Why do you think those companies that lose backup tapes and laptops have to shell out all kinds of money to protect and/or repair damaged credit ratings of the people whose information was mislaid? It isn't because they're nice people. It's because they face not only criminal sanction, but they can get the shit sued out of them, and they will lose because the law is not on their side.

To recap - where financial information is concerned, negligence is the same as malicious intent in the eyes of the law were customer data is concerned.

And even though your assertion that damage is required is wrong, you're also wrong in asserting that Amy has not been damaged. She has. Simply replacing the money is insufficient. BoA ought to have taken proactive action to prevent the Kaiser electronic payment from failing (for starters). And they ought to have had law enforcement involved the day after the first time Amy reported a fraudulent withdrawl.

But then again, your mind is made up.

Thank you again, brian. Again, exactly right on.

And you reminded me of something: I spent the first few days after I found out about this on the phone ALL day just BEGGING BofA for the letter of fraud, and being stonewalled from 9-5. If you know anything about crime, you know that you have the best shot of catching a perp if you do it as soon as possible after the crime is committed.

And in early July, Nereida Claudius from BofA, executive customer relations, office of the chairman, told me that their investigators were working with the police. She finally gave me the dates the police reports were made. Late July.

Brian, please please please stop giving out inaccurate legal advice.

"and they don't often take cases on spec"

*No. They do diligence and decide if there are damages worth pursuing either for an hourly rate or on contingency. My point exactly.

"These are all actionable. And they all stem from the negligent act on the part of the bank."

*Only if ACTUAL damage occurs. Hasn't happened yet.

"When it comes to financial activity, snake, malicious intent is not required for there to be criminal sanction."

*Never said it did. I said malicious intent is required for a private litigant to receive PUNITIVE damages. Much different from the criminal and civil penalties an agency like the FTC can impose.

Brian, you really need to re-check the relevant provisions of Gramm-Leach-Biley, which only authorizes the FTC (and related agencies) to obtain per se statutory damages, not private litigants. For Amy to recover any cash or force BofA to release the tapes, she'd have to sue under negligence claims, which (again) requires a showing of damages.

Now, Amy, if you want to submit a complaint to the FTC detailing BofA's breach, you can do so rather easily at https://www.ftccomplaintassistant.gov/. This could prompt a federal investigation and federal fines, if found to have merit. And guess what? Its free!

Still won't entitle you to the video tapes, though.

For Amy to ...force BofA to release the tapes, she'd have to sue under negligence claims, which (again) requires a showing of damages.

Wrong. This isn't an area of the law you know. Mari Frank is the expert, and I have the letter from her book, per the law, to demand that I get the tapes. I had to get the Federal affidavit and pull some stuff together, but I'll be sending this stuff to the awful Nereida Claudius to demand ALL information related to the fraud -- digital, video, and paper (like account slips signed by the thieves) -- from these negligent creeps at Bank of America.

I am on deadline today and I can't go find the law on this, but it is the law, and Mari explained it to me on the phone, why I have a legal right to this stuff.

Again, I cannot understand why there's this compulsion on the part of some to gloss over the bank's serious responsibility to protect its depositors and their accounts...far beyond tossing over your money to anybody with a license, real or fake, and an account number, without doing what should be the most minimum tasks to verify who the money is going to.

I am harmed because they did not do that, and many, many others, I suspect, are only not harmed in a similar way or the same way, simply because nobody's tried to break into their account.

And I find that sick.

As for complaints being pursued by the Feds, I only know about telemarketing complaints, but guess what: almost NONE of them are acted upon.

"I am harmed because they did not do that, and many, many others, I suspect, are only not harmed in a similar way or the same way"

*No, you are breached because they did not do that. You are harmed if you actually lose something due to the breach.

"I had to get the Federal affidavit and pull some stuff together, but I'll be sending this stuff to the awful Nereida Claudius to demand ALL information related to the fraud -- digital, video, and paper (like account slips signed by the thieves)"

*The Federal Affidavit you speak of (and it can be found at http://www.ftc.gov/bcp/conline/pubs/credit/affidavit.pdf) is not mandated by law. Its simply a form suggested by the FTC to help victims of ID theft. Nor does it require that information be released to the victim - it simply provides authorization for the receiving institution to cooperate with the authorities. In any event, it says nothing about video footage.

See 15 USC 609e - business entity "shall provide a copy of application and business transaction records in the control of the business entity . . . evidencing any transaction alleged to be a result of identity theft . . . ." CA Penal Code Sec. 530.8 likewise limits itself to "copies of all paper records, records of telephone applications or authorizations, or records of electronic applications or authorizations." Nothing about providing evidence of the perp's ID to the victim. Remember, these are consumer protection statutes, not a means of enabling private investigations.

The Federal affidavit is just part of what it takes to get the documents out of them. It's probably fine to send the affidavit I wrote up for the LAPD, but I'm going entirely by the book on this, Mari's excellent book, linked above.

Sorry, Snake, you're wrong on this.

The Federal affidavit, again, is just a piece of the stuff I have to send them, along with a utility bill showing my current address, my driver's license, and some other materials.

I will squeeze this stuff out of these disgusting people.

At the very least, the way BofA acted in following up with giving out Amy's money to someone who looked nothing like her was shameful -- and I'm being generous with that assessment.

But, frankly, I smell a bigger rat. They've got to be hiding something or else the fastest and easiest way to shut Amy up and make her go away would have been cooperate with her. To not only return the $12,000 (which I suspect was just to cover their butts legally because they saw a chance of bad publicity and being liable for more) but to assist her in further damage control since it started with them. Instead, not knowing Amy very well, used the $12,000 as a pat on the head to pretend to be nice about it and hoped she'd be grateful for that much.

In other words, they handled this whole thing stupidly. And law aside, it was poor business practice. Now they're getting exactly the bad publicity they hoped to avoid. Imagine if instead they had done everything they could to help Amy pursue these criminals (and it still mystifies why they themselves wouldn't want to also catch them before they lose any more money having to replace other people's stolen deposits) starting with immediately providing that letter on Day 1 and cooperating down the line with the police and any investigator Amy employed. Hell, you'd think they'd have their own on the case. Or their insurer would.

If they had thus behaved responsibility whether legally required to or not, Amy would be singing quite a different song and telling us all how sorry they were, how they were cooperating and changing policy to prevent futher withdrawals from their account holders accounts in this manner. I cannot believe for one second that she is the only victim even if the leak comes only from her branch. LA's one hell of a big city.

Oh, yes, I smell a very big rat indeed. 2 + 2 = 4; BofA is acting suspicously as if they have something to hide. Hmmm, gee I wonder why? To paraphrase Judge Judy, they are definitely peeing on Amy's leg and telling her it's raining.

"See 15 USC 609e - business entity "shall provide a copy of application and business transaction records in the control of the business entity . . . evidencing any transaction alleged to be a result of identity theft . . . ." CA Penal Code Sec. 530.8 likewise limits itself to "copies of all paper records, records of telephone applications or authorizations, or records of electronic applications or authorizations." Nothing about providing evidence of the perp's ID to the victim."

Gee, just how would the release of those records conceal the ID of the suspect(s)? How could they fail to show negligence on the part of Bank of America, given what has actually happened?

And how long have you been working there?

Video would be instantly provided to police and any other licensed investigators if the bank were the victim, and I suggest loudly that if the bank was not portrayed in a negative light that they would be now to enlist public aid. Does anyone really think that the bank isn't interested in whoever's doing this looting?

Actually, it's quite possible that they have very good reason for me not to find the thief. The more research I do, the more I believe that. Finding the thief would likely expose something about the bank that I have discovered, but am not revealing here, but that I had a meeting about last night, on my deadline night...something I never do. Suffice it to say, I am not letting this go, and my discovery, interestingly enough, is probably not something I would have made had they not stonewalled me so -- making me focus on them rather than going after the thief, which they've left me powerless to do.

Hmmm...

Amy, keep stacking the cheese in that trap for that very big rat I'm smelling more and more all the time.

Please know that the Fair Credit Reporting Act and Ca. law provide that victims of ID theft be able to get documentation of fraud for free and that they are entitled to get this without a subpoena and also direct the company( that allowed the fraud to take place) to also provide such evidence to the law enforcement agency designated by the victim. In accordance with FACTA, (FCRA-federal law,) the request must be in writing with appropriate verification of ID theft and police report. The company shall be comply within 30 days at no charge.See 15 USC 609e . Also the Fair and Accurate Credit Transactions Act Red Flag rules which require all financial institutions to protect consumers from ID theft require institutions to create a written Identity Theft PREVENTION program- all financial institutions and others that issue credit (even car dealerships) must be compliant by November 1, 2008. Bank of America is not the only institution that has millions of ID theft victims- although it is at the top of the list. See the study by Professor Chris Hoofnagle of Berkely http://repositories.cdlib.org/bclt/lts/45 (see Measuring Identity Theft at Top Banks (1.0, 1.5 and 2.0) Those companies who we trust with our money and our credit and sensitive information indeed have a fiduciary duty to protect it. Criminals take advantage of easy money and lax procedures. Consumers are not at fault in situtations like Amy's ID theft- most of the time ID theft is beyond the control of the victim because the employees are poorly trained or theives themselves or the sensitive data is stolen (60 percent by unscrupulous employees who have access) or taken from data bases with businesses or from documents improperly stored or discarded - or electronically when not encrypted. Law enforcement just can't keep up. It is important for all of us to make it known that we want our sensitive information, our money, and our good name and reputation to be safeguarded just as intellectual property is safeguarded by companies. All we ask is to treat us and our information responsibly and respectfully. Let's focus on what we all want- even the banks want to reduce fraud. Unfortunately, when the banks experience fraud costs they charge us more to make up for it. So if they have to be held accountable themselves, and if the truth is revealed about lax practices (ie : the problems like Amy's; security breaches, etc) in the media and in blogs, perhaps they will focus more on privacy and security rather than on just marketing. In my view- privacy protection, security and trust- provide the best marketing tools the banks can have. From what I see, Amy is brining this issue to light - not just for herself but for the millions of other victims each year who feel betrayed, violated, and frustrated- and yes impotent as well. Making your voice heard is important- and joining together to make your voice heard and suggesting positive solutions is also important. We all need banks- and we need to feel safe putting our money in those banks. And yes, the banks need to make a reasonable profit too- I believe the financial industry can thrive and also be responsible guardians of our money and our sensitive data.

I'm currently going through my own personal hell with BofA. My husband's check card number was stolen and charges were made against our joint checking account. Two things should have raised red flags with security. 1)The card has never been used outside of an ATM machine. It has never been used to purchase anything either on-line or off. 2) The primary checking account was switched from his personal account to the joint account.

Thousands of dollars were charge on the card - this is/was not normal activity

None of this raised any red flags with BofA and when I spoke with their customer service department they made me feel like *I* was the criminal. Even this morning at the branch office the branch manager was trying to accuse us of having our home network hacked (impossible since I have a double firewall on it and get reports anytime someone tries to ping me).

I spent the morning at the bank and the police station. Missed a day at work to boot, all because of their incompetence.

The kicker to all this is that they would do absolutely nothing to help us. The wouldn't freeze or close the account because it was "overdrawn" -- well DUH, fraudulent activity does that!!

I'm the one that had to contact all the affected parties and gather the information regarding IP addresses, order numbers, transaction IDs.

Thankfully this wasn't identity theft! I feel your pain -- keep fighting BofA. I will.

Bofa is evil. I hope they fall on their face.

Working on it!