In a startling development, a former employee of Meta is currently under investigation by the Metropolitan Police for allegedly downloading a staggering 30,000 private images belonging to Facebook users. This troubling incident highlights ongoing concerns about data security and privacy within one of the world’s largest social media platforms.
The Allegations
The engineer, based in London, is suspected of creating a sophisticated programme that bypassed Facebook’s security protocols, granting him access to personal photographs without the users’ consent. This breach, which came to light over a year ago, raises significant questions about the effectiveness of Meta’s security measures and the potential vulnerabilities in its systems.
Upon discovering the breach, Meta acted swiftly. A spokesperson revealed that the company terminated the employee’s contract and promptly alerted law enforcement about the situation. The Metropolitan Police confirmed that a man in his 30s was arrested in November 2025 on charges of unauthorised access to computer material. Following his arrest, he was released on bail with a requirement to report back to the police in May.
Investigative Efforts Underway
The Metropolitan Police’s Cybercrime Unit has taken the lead on this investigation, having received a referral from the FBI in the United States. This collaboration underscores the international implications of the case and the seriousness with which law enforcement agencies are treating the breach.
Meta has indicated that it has informed all affected users about the security violation and has since implemented upgrades to its security systems to prevent similar incidents in the future. The company’s commitment to addressing these vulnerabilities is crucial, given the sensitive nature of the data involved.
Broader Security Concerns for Meta
This incident is just the latest in a series of security challenges that have plagued Meta. Back in November 2022, the Irish Data Protection Commission imposed a hefty fine of €265 million (£228 million) on the company for a breach that exposed the personal details of hundreds of millions of users. Furthermore, in September 2024, it was revealed that Meta had stored certain user passwords unencrypted on its internal systems, resulting in an additional fine of €91 million (£75 million).
Moreover, Meta has found itself embroiled in legal disputes related to the design of its platforms. In March, a California jury determined that both Meta and Google had intentionally developed addictive social media experiences that significantly harmed the mental health of users, awarding $6 million (£4.5 million) to a young woman known as Kaley. Both companies have expressed their disagreement with the verdict and plan to appeal.
Why it Matters
This ongoing investigation serves as a stark reminder of the vulnerabilities that persist in our digital landscape. As technology continues to evolve, the protection of personal data must remain a top priority for companies like Meta. The implications of such breaches extend far beyond individual privacy; they affect public trust in technology and its providers. With users growing increasingly aware of their digital rights, it is essential for firms to enhance their security measures and uphold their responsibilities to safeguard user information. The outcome of this investigation could very well influence the future of data security practices across the tech industry.
