Attaullah Baig, the former head of security at the Meta-owned messaging app WhatsApp, recently filed a lawsuit against the tech giant, accusing it of endangering billions of users. Attaullah is being represented by the whistle-blower organization Psst.org and the law firm Schonbrun, Seplow, Harris, Hoffman & Zeldes. Meta has so far denied the suit’s claims.
What’s in the lawsuit?
According to the 115-page lawsuit, 1500 engineers at WhatsApp had unrestricted access to user data, including profile pictures, locations, group memberships, and contact lists. Baig also claims that internal security tests revealed engineers could “move or steal user data” without detection. This included details like contact information, IP addresses, and profile photos.
The lawsuit also claims that over 100,000 accounts on the messaging app experienced hacking or takeover attempts daily, and the company failed to take any action. Baig allegedly proposed fixes, such as implementing basic cybersecurity measures, including adequate data handling and breach detection capabilities; however, user growth was ultimately prioritized.
Mr. Baig also argues in the lawsuit that Meta’s conduct breached securities laws requiring companies to disclose potential risks to shareholders, as well as violated a privacy agreement the company reached with the Federal Trade Commission (FTC) in 2019.
In an interview, Baig stated that, in addition to filing the lawsuit, he has also alerted the FTC and the Securities and Exchange Commission. “There are just so many harms that the users face. This is about holding Meta accountable and putting the interests of users first.”
Meta’s response
“Sadly, this is a familiar playbook in which a former employee is dismissed for poor performance and then goes public with distorted claims that misrepresent the ongoing hard work of our team,” Carl Woog, a spokesman for WhatsApp, wrote in a statement. “Security is an adversarial space, and we pride ourselves in building on our strong record of protecting people’s privacy.”
This is at odds with Baig’s claims that he was punished after reporting his concerns in 2021, resulting in negative performance reviews and verbal warnings. Eventually, he was fired in February 2025, Meta citing “poor performance” as the main reason.
Other recent Meta controversies
This isn’t the only controversy Meta is courting with former employees in the last month. 6 former and current employees recently came forward as whistleblowers with allegations about the company’s virtual reality devices and apps harming children. According to findings and documents disclosed to Congress, children were exposed to inappropriate content and behavior in VR spaces.
Cora is a digital copywriter for SSLs.com. Having eight years of experience in online content creation, she is a versatile writer with an interest in a wide variety of topics, ranging from technology to marketing.