[vertis]

The OP indicated he hadn't been able to get any sort of response from Facebook at all. I wouldn't consider this as first line of enquiry, it's more for if you can't get any help through regular channels.

I think it's worth pointing out that I'm not suggesting legal threats, which probably wouldn't work anyway with Facebooks size and terms of use. Just talking to their legal team won't necessarily invoke the "no-one else can now talk to them".

That's why asking questions like how law enforcement could engage to catch the hacker might be useful. It's not combative, it speaks more to anger at the hacker than at Facebook, but at the same time a human becomes aware of the problem.

The corporate lawyers that I've worked with spend a lot of time thinking about how things can go badly for a company. That means they're keen to mitigate risks, and they have latitude to actually do things. They have KPIs/OKRs that align with the current problem.

At the end of the day they potentially get to feel good about sorting this problem out as well.