**
A former Meta employee is at the centre of a criminal investigation after allegations surfaced that he downloaded around 30,000 private images from Facebook users. This shocking breach of privacy has prompted a comprehensive inquiry by the Metropolitan Police’s cybercrime unit, raising serious questions about data security at one of the world’s largest tech firms.
The Allegations
The engineer, who was part of Meta’s workforce, reportedly devised a programme that enabled him to bypass internal security protocols and access personal photos without authorization. The incident, which came to light over a year ago, prompted Meta to act swiftly by terminating the employee and notifying affected users.
Police documents indicate that the former employee is alleged to have accessed and downloaded these images while employed at Meta. Furthermore, it is claimed that he created a specific script designed to evade the company’s security systems, indicating a deliberate and premeditated violation of user privacy.
Ongoing Investigation
The investigation is currently underway, with a specialist detective leading the charge from the Metropolitan Police’s cybercrime unit. The individual involved remains on police bail, and his next required appearance at the police station is scheduled for May. Authorities have mandated that he inform them of any travel plans outside the UK during this period.
Meta has confirmed their cooperation with law enforcement in this ongoing probe. A spokesperson for the company emphasised, “Protecting user data is our top priority. After discovering improper access by an employee over a year ago, we immediately terminated the individual, notified users, referred the matter to law enforcement, and enhanced our security measures.”
Past Security Issues
This latest incident is not the first time Meta has faced scrutiny over its data protection practices. In 2018, the company experienced a bug that potentially affected up to 6.8 million users, allowing third-party applications broader access to user photos. More recently, in 2024, Meta was fined €91 million by Ireland’s Data Protection Commission for storing millions of user passwords in plaintext, a significant breach of data protection protocols.
Additionally, just last month, Meta, alongside Google, faced a landmark court ruling that found the companies liable for failing to protect a woman from the harmful effects of childhood social media addiction. This ruling could have far-reaching implications for how these platforms operate in the future.
User Trust at Stake
The ramifications of this investigation extend beyond just one employee’s actions. With user trust already tenuous, incidents like these continue to cast a shadow over Meta and its subsidiaries, including Instagram and WhatsApp. The company is under increasing pressure to bolster its security measures and ensure that user data is rigorously protected from internal and external threats alike.
Why it Matters
This investigation highlights the critical importance of data security in an age where personal privacy is increasingly vulnerable. As users entrust their private lives to social media platforms, incidents like this serve as a stark reminder of the potential risks involved. For Meta, the stakes are high; not only must they restore user confidence, but they must also navigate the complex landscape of legal and regulatory scrutiny that follows such breaches. As we move forward, the outcome of this case could redefine how major tech companies manage and safeguard user information.
