A former Meta employee is being investigated by police for allegedly designing a program to bypass internal security checks and download tens of thousands of private images posted on Facebook when they worked at the company.

A spokesperson for Meta said the social media giant had identified the potential breach last year, fired the employee, and referred the case to police.

According to court papers seen by the Press Association, the man in his thirties lives in London and was arrested in November 2025 on suspicion of unauthorised access to computer material.

The documents reportedly alleged he “accessed and downloaded approximately 30,000 private images belonging to Facebook users whilst working for Meta”.

“It is alleged that he created a script designed to circumvent Meta’s internal detection systems, allowing him to do so,” the court papers reportedly said.

Cybercrime unit on the case

The London Metropolitan Police cybercrime unit is now investigating the case, which relates to the alleged invasion of user privacy.

A spokesperson for Meta said that all users impacted by the breach have been notified, and the company’s security systems have been upgraded since the incident.

“Protecting user data is our top priority,” the spokesperson said.

“After discovering improper access by an employee over a year ago, we immediately terminated the individual, notified users, referred the matter to law enforcement and enhanced our security measures.

“We are cooperating with the ongoing investigation.”

The man is on bail and living in London while this investigation continues.


The former Meta worker allegedly designed a computer script 'to circumvent Meta’s internal detection systems'. Image: Shutterstock

While it’s unknown whether any Australian Facebook users were caught up in the alleged photos breach, Australians impacted by Facebook’s Cambridge Analytica scandal in the 2010s were able to access a $50 million fund in 2025 as part of an ongoing settlement over the incident.

That breach involved the personal data of millions of Facebook users around the world being hoovered up from a personality quiz on the platform, with this data handed over to a British political consulting firm without users’ informed consent.

Meta has also been recently criticised by Australian politicians for using public posts of Australian users to train its artificial intelligence models.

Privacy concerns over Meta smart glasses

It was revealed last month by Swedish newspapers that contracted workers for Meta were accessing private content filmed by wearers of Meta smart glasses.

In response, Meta said that it uses contractors to “review this data to improve people’s experience with the glasses” and that this data is “filtered to protect people’s privacy”, including by blurring faces.

Revelations of the potential security breach came just weeks after Meta, along with YouTube, was found liable for damages after a California jury decided that the company had designed social media platforms which were dangerous for young people.

The jury found that Meta had developed addictive platforms without concern for the mental health of its young users.

Meta and YouTube's parent company Alphabet said they do not agree with the jury’s verdict and plan to appeal the decision.

In late 2024 Meta was also fined $150 million (91 million euros) by the Irish Data Protection Commission, after it found the company had accidentally stored the passwords of some social media users without encrypting them.