A former employee of Meta is under criminal investigation after allegedly downloading around 30,000 private photos from Facebook, raising serious concerns about insider threats and data security within major tech companies.
According to investigators, the individual—based in London—reportedly created a custom script designed to bypass internal security systems, allowing unauthorized access to users’ private images. The breach is believed to have taken place while the individual was still employed, exploiting internal access privileges combined with technical expertise. (The Guardian)
The incident was discovered more than a year ago by Meta, which acted swiftly by terminating the employee, notifying affected users, and referring the case to law enforcement authorities. The company has since strengthened its internal safeguards to prevent similar breaches. (The Guardian)
The suspect was arrested in late 2025 and is currently out on bail as the investigation continues under the Metropolitan Police’s cybercrime unit. Authorities are examining the full extent of the breach, including whether the data was shared or misused beyond initial access. (Tom’s Guide)
This case highlights a growing risk in the digital age: insider threats. While companies invest heavily in cybersecurity systems, employees with access and technical knowledge can sometimes circumvent safeguards, exposing sensitive user data. (Malwarebytes)
For Meta, the situation adds to ongoing scrutiny around data protection and privacy practices. For users, it serves as a stark reminder that even “private” content stored on platforms may not be entirely immune from risk.
As the investigation unfolds, the case could have wider implications for how tech companies monitor internal access—and how much trust users place in digital platforms to safeguard their most personal data.
