A former Meta employee is currently facing scrutiny from the Metropolitan Police after allegedly downloading an astonishing 30,000 private photographs belonging to Facebook users. This incident has raised serious concerns about data privacy and the security measures in place at one of the world’s largest social media platforms.
A Disturbing Discovery
The investigation revolves around a London-based engineer who reportedly crafted a programme designed to bypass security protocols, enabling unauthorized access to personal images stored on Facebook. This alarming breach was uncovered over a year ago, prompting Meta to take immediate action. A spokesperson for the company disclosed that the individual was promptly dismissed from their position and that the matter was referred to law enforcement.
The Metropolitan Police confirmed that a man in his thirties was arrested in November 2025 on charges of unauthorised access to computer material. Currently released on bail, he is scheduled to report back to the police in May, according to information from the Press Association.
A Global Response
This investigation has attracted international attention, as it is being conducted by the Cybercrime Unit of the Metropolitan Police following a referral from the FBI in the United States. Such cross-border cooperation highlights the serious nature of the allegations and the potential ramifications for user privacy on a global scale.
In light of this incident, Meta has reached out to the Facebook users whose photos were inappropriately accessed. The company has also taken steps to bolster its security systems to prevent similar breaches in the future.
Meta’s Troubling History with Data Security
The breach is not an isolated incident for Meta, which has faced multiple critical issues regarding user data protection. In November 2022, the Irish Data Protection Commission imposed a hefty fine of €265 million (£228 million) on Meta due to a breach that exposed the personal details of hundreds of millions of users. Furthermore, in September 2024, the DPC found that Meta had inadvertently stored unencrypted passwords on its internal systems, resulting in another fine of €91 million (£75 million).
Additionally, the company has been embroiled in legal challenges concerning the design of its apps, which have been accused of fostering addiction among users. In a significant case in March, a California jury awarded $6 million (£4.5 million) in damages to a young woman whose mental health was reportedly harmed by the addictive nature of platforms operated by Meta and Google. Both companies have expressed their disagreement with the verdict and plan to appeal.
Why it Matters
This latest incident underscores the urgent need for enhanced data protection and accountability within tech giants like Meta. As privacy concerns continue to rise, users must be assured that their personal information is safeguarded against unauthorized access. With ongoing investigations and legal battles, the implications of this breach could reverberate throughout the industry, prompting a reevaluation of privacy standards and security protocols. As technology evolves, so too must our vigilance in protecting the sanctity of personal data.
