Bittrex is not going to recognize any responsibility. All answers are made from template "You were been hacked, and this is your own trouble".
My requests to escalate my ticket to another guy were ignored. Now they close tickets without any explanation.
I have the same problem - my deposit in Bittrex was stolen through API-keys without withdrawal enabled.
Bittrex techsupport closed my tickets with standard bla-bla about phishing, viruses, phone, e-mail ang 2FA hacking and so on.
After third attempt they had to agree, that withdrawals were made with API-key.
Next question - how it was possible - my keys were without withdrawing, I received answer, that thief changed API key (enabled withdrawal), stole deposit, changed API key again (now my API without withdrawal enabled again).
Have to note, that change API-key properties requires 2FA confimation at least. And my phone was with me all time long (protected by password/fingerprint)
And yes, I checked my phone and computer for viruses, trojans etc. - there was nothing, of course.
I'm not alone. a problem exists and BITTREX must recognize its imperfection in safety.
It feels to me that it is some insider job of someone in bittrex. Again it proves that exchange cannot be trusted for your balances.