Reclaim The Net Meta’s former WhatsApp security chief says the company buried risks so deep that protecting users became an afterthought to protecting its image.
By Ken Macon
The former head of security for WhatsApp, Attaullah Baig, has filed a federal lawsuit against Meta, alleging that the company concealed extensive security flaws, ignored regulatory risks, and launched a campaign of retaliation when he tried to alert leadership.
The complaint, filed in the Northern District of California, paints a picture of a company that, in Baig’s words, “treats its users like they are just numbers on some dashboard.”
Baig’s lawsuit includes detailed allegations that Meta violated its 2020 FTC Privacy Order and federal securities laws.
We obtained a copy of the complaint for you here.
In a 2022 internal document shared with senior WhatsApp leaders, Baig warned: “We have a fiduciary responsibility to protect our users and their data. The penalties can be severe both in terms of brand damage and fines.”
He outlined six critical failures, including unrestricted employee access to sensitive data, the absence of breach detection capabilities, and the daily compromise of over 100,000 user accounts.
According to the filing, Baig joined WhatsApp in 2021 and quickly uncovered what he believed were significant violations of legal and regulatory obligations.
A “Red Team Exercise” revealed that about 1,500 engineers could access and exfiltrate user data without any tracking or audit trail.
In one of his early meetings with leadership, he told then-head of WhatsApp Will Cathcart that the team had only ten engineers working on security, despite the scale of the platform.
…
Read Full Article Here…(reclaimthenet.org)
Home | Caravan to Midnight (zutalk.com)
Live Stream + Chat (zutalk.com)
Be First to Comment