Twitter is keeping copies of all of your direct messages (DMs) even after you have deleted them, according to security researcher Karan Saini.
Karan Saini explained to TechCrunch that acting on personal “concerns” he had over the long retention of data, he ended up finding old direct messages from Twitter accounts that had been deleted. Saini did so by acquiring an archive of the accounts through Twitter’s website. He also revealed that a bug within the Twitter platform allowed him to retrieve DMs even after they had been deleted by all accounts (sender and recipients.)
Folks are having some trouble understanding this, so here is a short summary:
DMs are never “deleted”—rather only withheld from appearing in the UI. The archive feature lets you view these DMs, as well as any others with now suspended, or deactivated users https://t.co/IXRdT6G9i6
— Karan Saini (@squeal) February 16, 2019
According to Saini, this bug exploits a crack into Twitter’s 30-day policy for users to restore their accounts. Like most platforms, Twitter allows users to restore a deactivated account for a period of time before it is (supposedly) permanently deleted. However, it seems that the data from deactivated accounts (including their DMs) are never really removed from Twitter’s servers.
Something to keep in mind.
You might also like
More from Twitter
Twitter announced it will start testing Twitter Spaces – Clubhouse-like audio conversation rooms – to its platform later this year.
Joe Biden won the US Presidential election, and Donald Trump has become the biggest loser on Twitter. For real.
A Dutch hacker claims he successfully accessed Donald Trump's Twitter account, simply by guessing his password (and you would have …
WordPress.com announced a new feature that lets you share entire blog posts as Twitter threads, helping you amplify your content …
In its effort to protect critical dialogue on its platform, Twitter is announcing several new product and enforcement updates.