Perhaps. My anecdotal experience does not show a high ratio of women on facebook who are also friends with their mothers. I have also noticed older seem to list their maiden name less frequently.

However, I do agree that in general several "security questions" that are meant to be hard-to-guess data points are actually easy to find the answer to frequently. Maiden names, and school names/cities/mascots, are often found in online profiles in one way or another.

At the same time, I'm not sure the risk is as large as it seems. These security questions help prevent bulk identity theft and add a friction point to the process, they are certainly not equal alternatives to real 2FA, but they are also less "brute forceable".