Meta Accused of Ignoring Major Privacy Risks
Meta is facing yet another privacy controversy — this time from inside WhatsApp itself. Attaullah Baig, the former head of WhatsApp security, has filed a lawsuit accusing Meta of failing to protect user data, allowing widespread account theft, and retaliating against him for raising concerns.
500,000 WhatsApp Accounts Stolen Daily?
One of Baig’s most alarming claims is that an estimated 500,000 WhatsApp accounts are hijacked every single day. Despite WhatsApp’s marketing around end-to-end encryption, Baig says Meta has not implemented the necessary safeguards to quickly restore stolen accounts — leaving users vulnerable to fraud, harassment, and data loss.
He also alleged that more than 1,500 engineers had access to some protected user data, far more than needed, and that WhatsApp lacked effective systems to track what those engineers did with the data. If true, that’s a direct violation of Meta’s settlement with the Federal Trade Commission (FTC), which required the company to maintain a robust security program.
Meta Pushes Back
Meta spokesperson Carl Woog dismissed Baig’s allegations as “distorted claims” from a disgruntled ex-employee, insisting the company takes security seriously. But the timing is significant: regulators in the U.S. and Europe have already been tightening scrutiny on Meta over its privacy and data practices.
Privacy Concerns Keep Stacking Up
This lawsuit adds to a long line of complaints about how Meta handles user privacy across its platforms, including Facebook and Instagram. WhatsApp may be encrypted, but it still collects far more metadata than privacy-focused apps like Signal — and pools that data with Facebook for ad targeting and analytics.
For privacy-minded users, this case is another reminder to rethink how much trust to place in Big Tech platforms. Choosing tools that minimize data collection in the first place is a safer move.
If you browse on Android, using a private browser like Incognito Browser can help reduce your online footprint by blocking trackers and ads by default — no Meta oversight required.
The Bigger Picture
Baig’s case could force regulators to once again revisit Meta’s FTC consent decree, possibly leading to new compliance requirements or fines. But for everyday users, the immediate concern is clear: keeping personal data safe requires taking proactive steps, because even the biggest platforms can’t guarantee your privacy.
