Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Government

State AGs Send Letter to Meta Asking It to Take ‘Immediate Action’ on User Account Takeovers

A group of 40 state attorneys general have sent a letter to Meta expressing concern over Facebook and Instagram account takeovers.

Meta bug bounty program

A group of 40 state attorneys general have sent a letter to Instagram and Facebook parent company Meta expressing “deep concern” over what they say is dramatic uptick of consumer complaints about account takeovers and lockouts.

The attorneys general called on Meta to do a better job preventing account takeovers — when malicious actors take a users’ accounts, lock them out by changing their passwords, and post their own material, read private messages, scam contacts and engage in other harmful or illegal behavior.

The letter asks Meta to take “immediate action to increase mitigation tactics and respond to users whose accounts have been taken over.” It also asks the Menlo Park, California-based company to provide information on the number of account takeovers over the past five years, the suspected causes of the increase in account takeovers and safeguards it has in place.

“Consumers are reporting their utter panic when they first realize they have been effectively locked out of their accounts,” says the letter dated March 5. “Users spend years building their personal and professional lives on your platforms, posting intimate thoughts, and sharing personal details, locations, and photos of family and friends. To have it taken away from them through no fault of their own can be traumatizing.”

Even worse, the letter says, the takeovers pose a significant financial risk to users, who may be running businesses or have credit card information linked to their social media accounts.

In a statement, Meta said scammers are constantly adapting to evade crackdowns.

Advertisement. Scroll to continue reading.

“We invest heavily in our trained enforcement and review teams and have specialized detection tools to identify compromised accounts and other fraudulent activity,” the company said. “We regularly share tips and tools people can use to protect themselves, provide a means to report potential violations, work with law enforcement and take legal action.”

Related: Meta Patches Facebook Account Takeover Vulnerability

Related: New York Attorney General Fines Vendor for Illegally Promoting Spyware

Related: EU Watchdog Urged to Reject Meta ‘Pay for Privacy’ Scheme

Written By

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

James Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.

Rafal Los has joined Binary Defense as Chief Strategy Officer.

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.