Since my Facebook was hacked last week, I’ve spent a lot of time looking into other people’s stories of being hacked, whether or not their accounts were recovered, and what happened to them. There is a subreddit dedicated to Redditors supporting each other and sharing tips about what happened to them and which solutions were effective. A court filing website, People Clerk, is often recommended as a method to serve letters of intent to Meta Platforms. Since some people have reported success with this method, I gave it a whirl and I’m waiting to hear back. I may be able to sue Meta Platforms in small claims court to recover the money lost in the transaction PayPal deemed “valid.”
One method that is no longer effective? Contacting the office of the California State Attorney General with a consumer complaint against Facebook. In the past, writing to the office has produced hit-or-miss results, until late 2023, when the office began responding to complaints about Meta with a form letter indicating that they are no longer responsible for helping consumers deal with Facebook problems:
Thank you for contacting the Office of the California Attorney General regarding the loss of access to your Meta social media account.
We regret that we cannot provide you with direct assistance in restoring access to your account. Our office is prohibited by law from representing individual consumers in legal matters. We do, within the limits of our resources, bring lawsuits for violations of California law in cases of statewide significance, but we do so as a law enforcement agency, representing the people of the state, rather than on behalf of individual Californians.
We are aware of social media posts stating that Attorney General’s offices can intercede on your behalf with Meta and compel them to reinstate a disabled account, recover a hacked account, or restore access to a lost account. These posts are not authorized by any government agency and do not accurately reflect the role of attorneys general in the handling of consumer complaints.
Which is really an interesting position, considering a) actual identity theft is occuring, b) people are losing all their god damn money, and c) Rob Bonta signed a letter to Meta in March directly addressing these hacks and thefts, which actually profit Meta Platforms. These complaints do not represent “individual consumers,” but a rapidly growing group of victims.
The hackers who stole my money paid it back into Facebook ads. They got into my bank accounts, but Facebook held the door for them and took a cut. If only there was some kind of office, maybe at a state level, that could investigate and prosecute theft perpetrated by businesses registered in that state. But hey, Rob Bonta signed a letter, right?
I’m a nice person. But fuck with my money, and I become intensely persistent. My autism-fueled obsession with fairness and justice wouldn’t let this slide. I put my ability to hyperfocus to work. I scoured Bonta’s past campaign contributions for evidence of Mark Zuckerberg, his wife, the organizations through which they make their political contributions, Meta Platforms, Facebook, and came up with nothing. There doesn’t seem to be a financial or political benefit to letting Meta operate a system of self-enrichment through cyber crime. So, why hasn’t the AG taken action? This is certainly within the purview of the office. Why did it take the initiative of the New York State Attorney General to address this, when Meta Platforms is, I cannot stress this enough, a company registered to do business in the state of California and which is actively engaging in cybercrime?
I wrote a letter of my own to Michigan State Attorney General Dana Nessel (but I’ve redacted specific details here for privacy):
On March 14, 2024, I became the victim of a widespread security flaw on Meta Platform’s Facebook social media service and lost a considerable amount of money. Despite 2factor authentication, my account was accessed and disabled by hackers, with no recourse to appeal. There is no way to contact a Meta representative personally to resolve this issue, as experience by many people in the same situation.
Because I ran business ads on the platform and utilized Facebook marketplace in the past, my financial information was linked to my Facebook account, but I had no way to protect that information once Meta locked me out. I believed that my account had been disabled, and therefore the information was just gone. Having fraud alerts set up on my credit union accounts also put my mind at ease.
Overnight between March 16 and 17, multiple payments were withdrawn from my business account by Meta Platforms. These transactions were labeled as being used by their ad service. Overnight, four separate charges for [redacted] were made to Meta, as well as a [redacted] charge. Other charges were made on the 15th, for [redacted]. On the 14th, Charges were made for [redacted].
In addition to the charges to my business account, they were also able to access my personal account, and charged [redacted], which finally triggered my credit union’s fraud alert. Another charge was made to my Paypal account for [redacted].
In total, I was robbed of [redacted] Neither my credit union, [redacted], nor Meta Platforms, flagged the suspicious activity until it was far too late to prevent it. An initial email to Meta Platforms received no response.
I am a very small business owner (the approximately [redacted] taken from my business account was the only money my company had). My family relies on my income to survive. We are not rich people. This is a devastating blow. Until and unless the fraudulent charges are removed and refunded, we cannot pay our bills, rent, or feed our children. I have taken steps to secure my bank and paypal accounts (as much as I can, considering I found the fraud on a Sunday.) I have reported the fraudulent transactions to [redacted]’s cardholder services, and to Paypal. In addition, I have filed a report online to the Federal Bureau of Investigation’s IC3 division, and will be filing a report with my local township police department to cover my bases.
I’m enraged at the lack of care taken by Meta Platforms to secure the data of their users, and their flagrant disregard for those who use their services. There is no way to contact Meta in these cases. They do not seem to be required to operate any kind of fraud department to deal with these cases, and, while I have CCed the California State Attorney General, other victims of this crime have been informed that the AG’s office will not longer act on complaints made about Meta. It seems that at this point, Meta Platforms is an enormous publicly traded entity operating without sufficient oversight and without regard for the safety of the data they collect.
The resolutions I’m seeking are as follows:
-The immediate restoration of funds to my accounts.
-An apology from Meta Platforms and the restoration of my original business and personal accounts so that I may retrieve my data and block this from happening in the future. As long as I don’t have access to the account and hackers do, there is no way for me to remove my banking information from their service.
-A warning from the State Attorney General’s Office to be issued to Michigan residents about the use of any of their banking information through any Meta Platforms service, such as Facebook, Facebook Marketplace, Instagram, Threads, et. al., as even a cursory internet search will uncover that this issue is widespread across the United States and receiving no attention whatsoever. Consumers deserve to know, so that they can protect themselves.
-An investigation into the insufficient fraud alert system utilized by [redacted], a financial institution operating out of and registered within the State of Michigan. And an apology from [redacted], because I’m petty and angry.
I am thankful for any and all responses and help I receive. Residents of Michigan–and the United States at large–should be warned of the dangers of using Meta Platforms to carry out any business or personal transactions. They are assured by Meta that their data is secure, but they’re either unaware of these issues (due to inaccessible “customer service”) or they simply believe they can lie to consumers and get away with it.
I CCed this letter to my state and federal representatives and senators. Monday, I received a reply from the Director of Constituent Relations at the office of Representative Rachelle Smit,
Michigan House District 43. After my surgery tomorrow and however much recovery time I need before I can deal with all of this, I’ll update with who has and has not responded. If something goes dramatically wrong and I die, please continue to tell everyone how shitty Meta is.
I also CCed this to local media, as a common thread in all the stories I’ve read online is that people simply do not understand how lax the security is at Meta and how much money they’re making from allowing these hacks to happen. I truly believe that this is not a bug, but a feature. Meta Platforms knows it profits them to allow criminals to steal from their users. There is no financial incentive for them to stop this widespread issue, and government offices pretend they are powerless.
Perhaps that’s because Meta Platforms spent more than $19,000,000 annually on political lobbying.
Please, continue to spread the word to your friends and family to disengage their banking information from all Meta Platforms services. Most people only learn of the danger once it happens to them.