AG Henry in Letter to Meta: Investigate Causes of Spike in “Account Takeovers,” Increase Protection for Consumers

Attorney General Michelle Henry and forty other Attorneys General have sent a letter to social media giant, Meta, asking for an investigation into the increase of “account takeover” incidents — when hackers lock consumers out of accounts, steal personal information, and post harmful content.

In the letter, the Attorneys General present data to show the activity has increased dramatically in recent years — in Pennsylvania, takeovers increased 270 percent from 2022 to 2023 — while asking Meta what it is doing to prevent the takeovers and field complaints from victims.

State Attorneys General have often served as the responsive agency for consumer reports, while Meta customer service has been silent or slow to react.

“Being locked out of a Facebook or Instagram account can be catastrophic for account holders who are left helpless as hackers, in some cases, assume their identity,” Attorney General Henry said. “We are demanding action from Meta and information that explains the alarming increase in takeover activity. The Office of Attorney General is not Meta’s customer service department.”

The increase in account takeovers may be, in part, due to Meta’s recent layoffs of around 11,000 employees, many reportedly from the “security, privacy, and integrity sector.”

Consumers who fall victim to these hacks and hostile account takeovers often turn to their state Attorney General or the Federal Trade Commission, as Meta does not offer live customer service representatives, only automated online customer service support. This adds to consumer’s frustrations and further exacerbates the problem by keeping consumers out of their stolen accounts.

The Attorneys General, in the letter, requested a meeting with Meta leadership to discuss the scope of the issue, its causes and response actions and plans from the social media company. The letter further demands that Meta substantially increase its investment into preventing future account takeovers.