The former security chief of WhatsApp has accused the messaging app’s parent company Meta of violating cyber security regulations and putting billions of users at risk.
According to Independent, Attaullah Baig, who joined the company in 2021 before his contract was terminated in 2025, filed a lawsuit with the US District Court for the Northern District of California on Monday alleging that Meta dismissed security issues to instead prioritise user growth.
The lawsuit claims that WhatsApp, which has more than 3 billion users worldwide, failed to address the hacking and takeover of more than 100,000 accounts each day.
The 115-page document also alleges that around 1,500 engineers at WhatsApp and Meta could access sensitive user information, including pictures, location and contact lists “without detection or audit trail.”
Baig said that he was fired in February after warning Meta executives, including chief executive Mark Zuckerberg, of the security issues.
“We have a fiduciary responsibility to protect our users and their data,” Baig told WhatsApp executives in 2022, according to the lawsuit. “The penalties can be severe in terms of brand damages and fines.”
He had previously held security roles at several major financial institutions, including Capital One and PayPal.
If true, the actions would violate a privacy settlement between Meta and the Federal Trade Commission (FTC) in 2019 relating to charges of mishandling user information.