Your Twitter DMs Are Never Really Deleted From The Servers

Twitter is keeping copies of all of your direct messages (DMs) even after you have deleted them, according to security researcher Karan Saini.

There are messages you would rather keep away from the world. Maybe even claim they were never sent. So, you delete them. But a security researcher has just found that your Twitter DMs are never really gone from the company’s servers, even years after you have technically deleted them on your side.

Karan Saini explained to TechCrunch that acting on personal “concerns” he had over the long retention of data, he ended up finding old direct messages from Twitter accounts that had been deleted. Saini did so by acquiring an archive of the accounts through Twitter’s website. He also revealed that a bug within the Twitter platform allowed him to retrieve DMs even after they had been deleted by all accounts (sender and recipients.)

https://twitter.com/iasni/status/1096743762007486465

According to Saini, this bug exploits a crack into Twitter’s 30-day policy for users to restore their accounts. Like most platforms, Twitter allows users to restore a deactivated account for a period of time before it is (supposedly) permanently deleted. However, it seems that the data from deactivated accounts (including their DMs) are never really removed from Twitter’s servers.

Something to keep in mind.

[box]Read next: Reddit Introduces “App Install” Campaign Objective And Improves Its Conversion Pixel[/box]