The former head of security for WhatsApp has filed a federal lawsuit against Meta on Monday. Attaullah Baig claims paint a troubling picture of widespread security vulnerabilities that allegedly put billions of app users at risk.

The lawsuit alleges that thousands of WhatsApp and Meta employees had unauthorized access to sensitive user information. This data included profile pictures, location details, group memberships, and contact lists.

Baig also claims Meta failed to address over 100,000 daily account hacks and rejected his security improvement proposals.

Meta’s Predictable Response

Meta’s response follows their typical playbook when facing criticism. WhatsApp spokesman Carl Woog dismissed the allegations, claiming Baig was “dismissed for poor performance” and made “distorted claims.” The company emphasized their commitment to privacy protection and security measures.

The lawsuit states that Baig repeatedly warned leadership, including Mark Zuckerberg, about security weaknesses. Instead of addressing these issues, managers allegedly retaliated and fired him in February.

This defensive stance shouldn’t surprise anyone familiar with big tech operations. These companies generate massive profits from user data collection and sales, often worth millions of dollars.

While they claim transparency, the reality is that most users unknowingly agree to extensive data harvesting through complex Terms and Conditions agreements.

FTC Settlement Violations

The lawsuit claims Meta violated their 2019 Federal Trade Commission settlement terms.

That agreement, following the Cambridge Analytica scandal, required stronger privacy practices and regular independent auditing. Meta paid $5 billion in fines and promised comprehensive data security programs.

Baig’s red-teaming exercise revealed that roughly 1,500 WhatsApp employees had unrestricted access to user data. This allegedly violated the FTC settlement requirements for limited data sharing and proper security controls.

Real-World Consequences

According to the lawsuit, Meta blocked several security improvements proposed by Baig’s team. These included enhanced login approval for account recovery and preventing unauthorized profile picture downloads.

Baig described witnessing daily harm including “account compromises, scraping impersonation, journalists being targeted.” His team documented over 100,000 daily hacking incidents that Meta allegedly failed to address properly.

Final Thoughts

Big tech companies like Meta will always defend themselves against privacy and security criticism. However, the mounting evidence from multiple whistleblowers suggests serious systemic issues.

These platforms generate enormous revenue from user data while potentially exposing billions to security risks. And it’s not just Meta, as platforms like TikTok are also profiting from user data.

Users should remain skeptical of corporate privacy claims and consider the real cost of “free” social media services.

For more details on this story, refer to the original report from the New York Times and any future press releases from Meta.

We want to know your thoughts. What do you think about this story? Let us know in the comment section below!

Be sure to stay up-to-date with the latest streaming news, reviews, tips, and more by following the with updates weekly.