An Indian-origin cybersecurity skilled who as soon as led WhatsApp’s safety crew has taken Meta to court docket, accusing the corporate of ignoring main privateness vulnerabilities and retaliating in opposition to him for flagging the dangers.
The lawsuit, filed within the US District Court docket for the Northern District of California, comes from Attaullah Baig, who joined WhatsApp as head of safety in 2021. In his criticism, Baig claims that his warnings about “systemic cybersecurity failures” on the messaging large have been brushed apart, and that his makes an attempt to escalate the matter internally in the end value him his job.
What Baig Alleged
In accordance with the lawsuit, Baig found throughout a routine safety take a look at that just about 1,500 WhatsApp engineers had “unrestricted entry” to person information, together with delicate private info. He alleges that the shortage of correct audit trails meant workers might “transfer or steal such information with out detection,” doubtlessly leaving WhatsApp in violation of federal regulation and a 2020 privateness settlement Meta reached with the US Federal Commerce Fee.
The criticism additional claims that after Baig’s preliminary disclosures, he started receiving poor efficiency opinions and was subjected to what he describes as a marketing campaign of retaliation. He additionally lodged complaints with the US Securities and Alternate Fee (SEC) and the Occupational Security and Well being Administration (OSHA), alleging each retaliation and compliance failures.
Baig was ultimately terminated in February this 12 months, formally as a part of a spherical of layoffs.
Meta’s Response
Meta has strongly rejected Baig’s claims. An organization spokesperson advised CNBC: “Sadly it is a acquainted playbook wherein a former worker is dismissed for poor efficiency after which goes public with distorted claims that misrepresent the continuing exhausting work of our crew. Safety is an adversarial area, and we delight ourselves in constructing on our robust file of defending folks’s privateness.”
Importantly, the lawsuit doesn’t allege that person information was truly stolen or misused, however argues that WhatsApp’s inner practices left thousands and thousands of customers uncovered to potential danger.
Who Is Attaullah Baig?
Attaullah Baig is an Indian-origin cybersecurity knowledgeable with greater than twenty years of expertise. A graduate of NIT Warangal with a level in Pc Science, he later accomplished a Grasp’s in Pc Science from the College of Utah.
At WhatsApp, Baig’s position as head of safety concerned overseeing compliance and defending person information throughout one of many world’s most generally used messaging providers. His authorized crew, together with whistleblower advocacy group Psst.org, maintains that his dismissal was a direct results of elevating privateness issues.
The case has now reignited debate round Meta’s privateness file — significantly on WhatsApp, which has over 2 billion customers globally, together with greater than 500 million in India.
