Forty-one state attorneys general signed a letter demanding that Meta take “immediate action” to address the “dramatic increase” in account takeovers and lockouts on its social media platforms.
“Consumers are reporting their utter panic when they first realize they have been locked out of their accounts,” the letter reads. “Users spend years building their personal and professional lives on your platforms, posting intimate thoughts, and sharing personal details, locations, and photos of family and friends. To have it taken away from them through no fault of their own can be traumatizing.”
The letter acknowledged that “account takeovers are not a new phenomenon” and that it affects all social media platforms and other types of online accounts.
“However, the frequency and persistence of account takeovers on Meta-owned platforms puts it in a league of its own,” the letter stated.
Compromised accounts allow the threat actor to access the user’s personal or business information, private messages, and contacts. There is also a significant financial risk of harm for those who use the platform for their business.
“There is a significant risk of financial harm to both the affected user and other individuals on the platform,” the attorneys general wrote. “Many use Facebook as a hub for their business to engage in consumer transactions through Facebook Marketplace; some users even have credit cards tied to their accounts. We have received a number of complaints of threat actors fraudulently charging thousands of dollars to stored credit cards.”
The letter said that the number of complaints to the New York Attorney General’s office “rose more than tenfold” between 2019 and 2023, with 73 and 783 complaints, respectively.
“In January 2024 alone, the office received 128 complaints,” according to the letter.
Other states showed similar increases, noting that there was a significant spike at about the time that Meta laid off about 11,000 employees in the “security and privacy and integrity sector” in November 2022.
In Vermont, complaints spiked by 740 percent from 2022 to 2023, and in North Carolina, complaints jumped by 330 percent over the same period, according to the letter.
“Such statistics are extremely troubling,” the letter continued.
It also provided several examples of complaint letters from users whose accounts were “hacked and taken over,” and they have been unable to reach Meta for help despite numerous attempts.
“My Facebook account and my email account were hacked and taken over,” one user wrote, according to the letter. “The person changed the email on my Facebook and deleted my phone number. ... I have reported this to Facebook in every way possible and many of my friends have reported it as a fake account. Nothing has been done by Facebook and they claim it doesn’t go against their standards. ... It’s basically a case of identity theft and Facebook is doing nothing about it.”
Another user wrote: “My Instagram business account was blocked. ... I have invested my life, time, money, and soul in this account. All attempts to contact and get a response from the Meta company, including Instagram and Facebook, were crowned with complete failure since the company categorically does not respond to letters. There is also no answer to the forms provided in their help center.”
The attorneys general said they would like to discuss their concerns with Meta and also requested that the company “take immediate action and substantially increase its investment in account takeover mitigation tactics, as well as responding to users whose accounts were taken over. ... We refuse to operate as the customer service representatives of your company.”
Meta’s Response
Meta told The Epoch Times that its enforcement and review teams are well-trained to detect compromised accounts.The company also said it offers “tips and tools” on its website and platforms to help users protect their accounts from hackers.
