Apr 12, 2026
0 Comments
It is with grave and serious concern to report that on Friday, April 10, 2026, in the wee hours of the morning while I was fast asleep, The REVIEW became the victim of a cyberattack when my personal Facebook account was compromised by an unauthorized third party at 2:14 AM.
When I awoke in the morning and started checking incoming e-mails, immediately I noticed one stating my Facebook account had been restricted for publishing inappropriate material, and that I had 48-hours to appeal the decision before my personal account would be disabled.
While in control of the account, the attacker apparently had uploaded inappropriate material violating Meta’s Community Standards policy, and their automated systems detected this content and suspended the account at 2:14 AM..
At 2:17 AM, just three minutes later, Meta issued a second notification stating that a “review” had already been completed and the account was permanently disabled with no further appeal available.
The attacker, operating from foreign IP addresses traced to Vietnam and known VPN/proxy services, gained access to my account through session token theft (cookie hijacking), bypassing my two-factor authentication, which had been enabled since August 2019.
No human review occurred and this suspension was all A.I. generated. The suspension, review, and permanent disable were completed in three minutes by automated systems.
Since this suspension, as the account holder I have been given no opportunity to present evidence that the account was compromised
Forensic Evidence of Account Compromise
While unable to log-into my account to report this attack, the only option given was to download an official Facebook data export, which contained the information used to base their decision to suspend the account.
Generated by Meta’s own systems on April 10, a Forensic Analysis of this information provided conclusive evidence that the account was under the control of an unauthorized third party at the time the offending material was uploaded.
This evidence includes:
• Foreign login sessions from Quảng Ninh Province, Vietnam and Seattle, Washington in the minutes before the account was disabled, while sleeping securely in my bed here in Saginaw, Michigan.
• Session token reuse showing the Vietnam and Seattle sessions using the same cookie identifier, confirming cloned session tokens replayed through multiple proxy locations
• Unauthorized birthday changes made three times on April 10 from foreign IPs and automated clients (C++/THttpClient user agent), a documented technique used by attackers to block account recovery
• Multiple security checkpoint triggers (“Checkpoint: Login-Approvals Enforcement”) from the attacker’s IP addresses, confirming Meta’s own systems detected the suspicious activity
• Consistent legitimate access pattern showing my normal access exclusively from Saginaw, Michigan via iPhone 14 and secure Mac devices on IPv6 addresses entirely distinct from the attacker’s sessions.
Since this attack, I have filed a report with the Saginaw Police Department documenting this unauthorized access to my account as a victim of federal crimes including unauthorized access to a computer system (18 U.S.C. § 1030) and the attacker’s upload of inappropriate material. A complaint has also been filed with the FBI’s Internet Crime Complaint Center, along with the Attorney General’s office under their Consumer Protection Division.
It is deeply disturbing that the permanent disabling of my account, based on a 3-minute automated review with no human oversight and no meaningful appeal, punishes the victim for the crime committed against him.
Although I have been unable to contact a human employee at Facebook, this morning I was able to submit evidence from the Forensic Audit along with a request for account restoration to Meta, which hopefully will be resolved and expedited within 7 business days.
Community Impact Upon a Local News Outlet and Cultural Institution
The consequences of this enforcement action extend far beyond my individual personal account. As the founder, editor, and publisher of Review Magazine, one of the longest-running independent community publications in Michigan, this disabling of my account has simultaneously taken down multiple Facebook pages that serve as ancillary communication channels for this publication, which is a local community information hub.
Review Magazine has been published continuously since April 1979. For 47 years, it has served the Saginaw, Michigan area as a free community publication covering local culture, arts, news, and events.
Our Review Magazine Facebook page has 4,100 followers who rely on it for local news, event coverage, and community information. That audience has been cut off without warning or explanation.
Additionally, with the 40th Annual Review Music Awards show scheduled for May 3, 2026, celebrating four decades of recognizing local musicians and music, this attack and the difficulty with utilizing Facebook to interact with nominees and followers on our Review Music Awards Facebook page (1,100 followers) to announce nominees, promote the event, coordinate with performing musicians, and drive attendance has also posed distinct challenges.
Until our account is restored, we have lost the ability to promote, update, or communicate about the event using our Facebook platform during this most critical promotional window of the year.
The impact is not theoretical. While our online edition and print editions remain unaffected, a cybercriminal’s attack on one account has truncated our ability to interact with the broader Great Lakes Bay area music community that has participated in this tradition for 40 years and is now threatening to undermine a community cultural institution.
Meta’s Oversight Board’s mission is rooted in protecting freedom of expression and ensuring that Meta’s enforcement actions are consistent with human rights principles. When an automated system permanently silences a journalist, a 47-year-old news publication, and a 40-year-old community cultural event based on the actions of a hacker, with no human review and no avenue for appeal, that is a direct and measurable harm to freedom of expression.
The people affected are not simply me as an individual. They are the readers, musicians, artists, and community members who rely on our Facebook pages for information and connection.
It represents a systemic failure in automated enforcement. Meta’s automated systems cannot distinguish between content uploaded by an account holder and content uploaded by an attacker who has hijacked the account.
This failure affects an unknown number of users whose accounts are compromised and then permanently disabled based on attacker behavior.
Indeed, for over two years now, numerous class action lawsuits have been filed against Meta for these very reasons. The “review” process was illusory. A 3-minute turnaround between suspension and permanent disable with no further appeal available is not a meaningful review process. It represents a due process failure that I am hoping Meta will address within the next few days.
The Meta Board is apparently already examining account disabling practices. In January 2026, the Board announced its first case reviewing Meta’s approach to permanently disabling accounts, calling it “an urgent concern for Meta’s users.”
This case falls squarely within that area of inquiry and provides a clear example of how automated enforcement can produce unjust outcomes when context is ignored.
It also raises human rights concerns about proportionality.
Permanently disabling a victim’s account because of an attacker’s actions, with no avenue for appeal, is disproportionate by any standard. It punishes the victim for the crime committed against them, including the right to freedom of expression and the principle of proportionality in restrictions on that right.
Hopefully, this situation will be resolved within an expeditious manner, insofar as it all happened on Friday at the start of the weekend.
Until it is resolved, I want to encourage our readers to continue to check our online edition here at www.review-mag.com daily for new stories, features, and updates; and please share our stories and features on your own social media platforms to keep our most cherished freedoms of expression flowing, as opposed to becoming the remnant of a distant memory from the past.
The Aftermath • META Fails to Restore REVIEW Facebook Page & Allows Theft of Assets • Michigan Consumer Protection Division Unable to Exercise Oversight Over Integrity of Facebook Platform
Since this cyber-attack two months ago, META has continued to allow these foreign actors to illegally use and appropriate our assets with no meanginful actions taken on their part to remedy this disturbiong situation, despite our ongoing efforts to do so which have included enlising the aid of The Consumer Protection Division of the Michigan Attorney General's Office.
Within days of the attack and following the Forensic Audit establishing how our accounts werre hacked, we sent the following list of demands to META:
1. Immediate Account Restoration. We demand the immediate restoration of Mr. Martin’s Facebook account and all associated pages, including the Review Magazine page (approximately 4,100 followers), the Review Music Awards page (approximately 1,100 followers), and the Saginaw Area Daily Events page (approximately 4,800 followers). The forensic evidence from Meta’s own data export conclusively establishes that the policy violation was committed by an unauthorized third party, not by Mr. Martin.
2. Removal of Policy Violations from Account Record. All policy violations, strikes, and enforcement actions associated with the attacker’s activity must be removed from Mr. Martin’s account record.
3. Evidence Preservation. Pursuant to 18 U.S.C. § 2703(f), we formally request that Meta preserve all records, logs, session data, IP addresses, content uploads, device information, and any other data associated with Mr. Martin’s account for a period of not less than 180 days, pending law enforcement requests. This preservation request specifically includes all data associated with the unauthorized sessions originating from foreign IP addresses on April 6–10, 2026, as well as any content uploaded to the account during that period.
4. Credential Reset. Upon restoration, all authentication credentials must be reset, all existing sessions must be terminated, and two-factor authentication must be re-enrolled to prevent the attacker from regaining access.
5. Reversal of Attacker Changes. All profile modifications made from unauthorized IP addresses, including birthday changes, must be reverted to their pre-compromise values.
The permanent disabling of our accounts, based on a 3-minute automated review with no human oversight and no meaningful appeal, punishes the victim for the crime committed against him.
We expect a response within 7 business days. If the account is not restored within a reasonable timeframe, Mr. Martin reserves all rights and remedies available under applicable law, including but not limited to claims under Michigan consumer protection statutes and applicable federal law.
The following is the complaint we filed with the Consumer Protection Division at the Michgian Attorney General's Office:
Nature of Complaint: Wrongful permanent account disabling; destruction of Michigan small business assets; no meaningful appeal or human review process; automated enforcement action taken against a crime victim based on the actions of a cybercriminal.
The forensic evidence proving the account was compromised exists in Meta’s own data. I downloaded my official Facebook data export on April 10, 2026. It shows foreign login sessions from Vietnam and proxy servers, unauthorized birthday changes made by automated tools, and Meta’s own security systems flagging the suspicious activity through repeated “Checkpoint: Login-Approvals Enforcement” events.
My legitimate sessions have always originated exclusively from Saginaw, Michigan. The data conclusively proves that the policy violation was committed by a criminal, not by me.
META’s UNFAIR & DECEPTIVE PRACTICES\
1. Illusory appeal process. Meta’s first email stated I had 180 days to appeal. Three minutes later, a second email stated the review was already complete and permanent, with no further appeal available. Offering an appeal window and then closing it before the account holder can possibly respond is deceptive
.2. No human review. A 3-minute turnaround between suspension and permanent disable is not consistent with any meaningful human review. The decision to permanently destroy a Michigan business owner’s commercial assets was made entirely by automated systems.
3. Failure to distinguish between victim and attacker. Meta’s own systems detected the suspicious foreign login activity (evidenced by the checkpoint triggers in the data export) but failed to correlate this security data with the content violation. The system had the information needed to identify this as an account compromise but chose to permanently punish the account holder instead.
4. No accessible recovery path. Meta’s account recovery channels (facebook.com/hacked, the Account Recovery Hub) do not function for permanently disabled accounts. The Oversight Board’s appeal portal requires an active Facebook login, which is impossible for a disabled account. Meta has created a system where a hacking victim whose account is used to upload illegal content has no viable path to restoration.
5. Destruction of business assets with no recourse. The Facebook pages associated with my account represent years of audience-building and are integral to the operation of a Michigan small business. Meta permanently destroyed these assets based on automated processing with no human review, no meaningful appeal, and no recourse for a victim of cybercrime.
Relief Requested
• Restoration of my Facebook account and all associated pages (Review Magazine, Review Music Awards, Saginaw Area Daily Events)
• Removal of all policy violations and strikes from my account record that resulted from the attacker’s actions
• Human review of my case with consideration of the forensic evidence of account compromise
• Investigation by the Attorney General’s office into Meta’s practice of permanently disabling hacked accounts based on automated review, with no meaningful appeal process available to Michigan consumers and businesse
• Preservation of all evidence related to the unauthorized access for law enforcement investigation
Much to our surprise, the Attorney General's office did receive a response from META requesting us to establiish a secure email address, different from the one that was compromised, in order to regain control of our assets. The Consumer Protection Division gave them until May 15th to have this resolved.
Upon responding to the link META sent to us, we were still unable to log into our accounts because we never received any 2-factor identification in order to secure the log-in.
In attempting to reclaim our accounts, META kept asking for our password, which the attackers had obviously changed, but we were told because we could not answer with the corrrect password we would have to verify through responding to 2-factor identification links that would be sent to our phone number.
The only way I was able to regain entry through my phone was to enable 2-factor authentication; however, when attempting to do so on my laptop, I was \ told I had to change my password and META would send me a link through my proton email address. When clicking that link I was told a verification code would be sent to my phone, only the verification code never came.
Because I was at least logged into my personal account on my phone, I did not log out. However, the next day on Friday, May 15th - the day this was supposed to be resolved - I received a message from META saying they had logged me out of my personal account because of 'security concerns'....plus, they had also disabled other methods of notification, such as sending the code to my phone, which explains why I was unable to log in through my computer.
Consequently, once again we were caught in a loop where we were unable to access either our personal or Business assets on META unless we knew the current password that the cyberattackers changed on us.
After the May deadline and reporting to the Attorney General's office how we momentarily had retained access only to have it rescinded, the A.G. said META would have until June 15th to respond - however, on June 6th the A.G. received a response from META saying they had taken all appropriate actions according to their policies and were considering our case now CLOSED.
Upon responding to the AG that we have already sent a list of demands to META and over the past six weeks they have addressed none of them, so at this juncture apparently the question is what their office can do to compel them to resolve this matter.
Permanently disabling a victim’s account because of an attacker’s actions, with no avenue for appeal, is disproportionate by any standard. It punishes the victim for the crime committed against them. International human rights principles, including the right to freedom of expression and the principle of proportionality in restrictions on that right, support reversal of this decision.
Here was the response from the Consumer Protection Division:
"This office has received and reviewed your response regarding Meta. As your response indicates, your positions are in conflict, and we regret that our exchange of correspondence has not resolved the issue.
"While we certainly can appreciate your position in this matter, the Attorney General is not able to act as your private attorney, or as a court of law, and does not have the authority to render a judgment regarding this matter. Michigan law authorizes the Attorney General to provide legal opinions to state officials, members of the legislature, state departments and commissions, and under certain circumstances, county prosecuting attorneys."
"Since your request does not fall within this framework, and since Meta has not proposed a voluntary resolution of the matter, regrettably, we are unable to assist you further. This statement is not a reflection as to the validity of your complaint or acceptance of the information submitted in the company's reply."
PARTING THOUGHTS
Because of all these AI generated protocols, block-chains, and so-called security permissions, we continue to be locked out of property and assets that are rightfully ours and as the victim of this attack, continue to be the one who punished.
Moreover, we continue to get notifications and requests from META from strangers we do not know requesting permission to become business asset partners on our REVIEW Magazine facebook account.
For all we know, these attackers are now fraudulently conducting business with our assets, which is a very serious situation. The waste and damage is simply spreading,, insofar as apparently there is no authority, legal entity, or recourse of remedy able to enforce due diligence or meaningful liability in any matter for META to assume responsibility for their gross negligence.
info@review-mag.com
989-780-4162
Comments (0)