If your Facebook account has ever been hacked, you know it can be an incredibly frustrating ordeal. In fact, it can be so frustrating, that many people reach out to their attorney general out of desperation. Not only do you lose your account, your photos, and a large piece of your online identity, but you then have to try to navigate Facebook’s treacherous recovery process.
Sometimes it’s easy. Sometimes everything works right. But we see clients every day who can’t get even started with the most basic steps because Facebook doesn’t recognize their device that’s been associated with their account for years. Or the hacker gets their account disabled and Facebook leaves them with zero options and zero customer support.
That’s when many users seek the help of their government, mostly in the form of their attorney general. The California Attorney General was at one point a beacon of hope for people in these situations. Meta is in California and there seemed to be a well-paved pathway between the two entities. Then the word spread, likely flooding the attorney general’s office with thousands of requests. And in the fall of 2023, they stopped helping altogether. But that doesn’t mean people have stopped contacting them.
Attorney General Offices Demand More from Facebook
In a coordinated effort to address escalating cybersecurity concerns, state attorneys general from across the United States have collectively penned a letter to Facebook, demanding immediate action against a troubling rise in account takeovers on its platforms. The letter highlights a dramatic increase in user complaints and significant resource drain on state offices tasked with addressing these issues.
The attorneys general expressed deep concern over the “alarming” spike in incidents where threat actors compromise user accounts, changing passwords and effectively locking legitimate users out. Once inside, these actors gain the ability to manipulate personal information, read private messages, scam contacts, and engage in other malicious activities. The ramifications for users extend beyond mere inconvenience; many report severe distress and financial damage as their digital lives, containing years of personal and professional information, are hijacked.
Why Is It Getting Worse?
States such as New York, Vermont, North Carolina, Illinois, and Pennsylvania have reported exponential increases in such complaints over the past year. New York, for example, saw complaints about account takeovers on Meta platforms jump from 73 in 2019 to 783 by the end of 2023. Vermont saw a 783% increase in complaints from 2022 to 2023. North Carolina, Pennsylvania, and Illinois all reported increases of over 200% in that time.
The attorneys general suggest that the rise in these security breaches coincides with Meta’s announcement in November 2022 of substantial layoffs, particularly within the sectors responsible for security, privacy, and integrity. This correlation has led them to question the adequacy of Facebook’s current investments in security measures and their capacity to safeguard user accounts against such vulnerabilities.
Meta as a company is worth well over $1 trillion.
They are simply choosing to use their resources in places other than security and support. Attorney general offices are not happy about it.
Attorneys General Make Their Request
The letter sternly requests that Facebook, referred to by its parent company name Meta, significantly increase its investment in technologies and strategies to mitigate account takeovers. Additionally, it emphasizes the need for Meta to improve its responsiveness to users whose accounts have been compromised, thereby relieving state offices from the undue burden of stepping in as de facto customer support.
Furthermore, the attorneys general are seeking an urgent meeting with Meta executives to discuss these issues in detail. They are requesting comprehensive data from the company, including the number of account takeovers over the past five years, suspected causes for the increase in these incidents, current safeguards in place, and the procedures followed once an account has been compromised.
Featured image from Wikimedia Commons.