Twitter is keeping copies of all of your direct messages (DMs) even after you have deleted them, according to security researcher Karan Saini.
Karan Saini explained to TechCrunch that acting on personal “concerns” he had over the long retention of data, he ended up finding old direct messages from Twitter accounts that had been deleted. Saini did so by acquiring an archive of the accounts through Twitter’s website. He also revealed that a bug within the Twitter platform allowed him to retrieve DMs even after they had been deleted by all accounts (sender and recipients.)
Folks are having some trouble understanding this, so here is a short summary:
DMs are never “deleted”—rather only withheld from appearing in the UI. The archive feature lets you view these DMs, as well as any others with now suspended, or deactivated users https://t.co/IXRdT6G9i6— Karan Saini (@squeal) February 16, 2019
According to Saini, this bug exploits a crack into Twitter’s 30-day policy for users to restore their accounts. Like most platforms, Twitter allows users to restore a deactivated account for a period of time before it is (supposedly) permanently deleted. However, it seems that the data from deactivated accounts (including their DMs) are never really removed from Twitter’s servers.
Something to keep in mind.
You might also like
More from Twitter
Twitter Blue Subscribers Now Get Up To One Hour To Edit Their Tweets
Not only do Twitter Blue subscribers get to edit their tweets, but now they will have up to 60 minutes …
Twitter Now Publicly Shows Who You Are Paying To Subscribe To
Twitter added a "Subscriptions" button to the user profile that lets anyone see who you are paying to subscribe to. Ever …
Twitter Blue Verified Subscribers Can Now Upload 2-Hour Videos
It probably still won't convince you to sign up, but Twitter Blue subscribers can now upload videos up to 2 …
Twitter Launches Encrypted DMs, But Only For Paid Subscribers
To send an encrypted DM on Twitter, you will need to be a Twitter Blue verified user, a verified organization, …
Twitter Is Purging Old Inactive Accounts
The purge of old and inactive Twitter accounts could free up many long-coveted usernames. Musk says Twitter will be removing accounts …
Is Twitter Working On A Cheaper Verification Plan For Organizations?
Twitter is reportedly working on a cheaper alternative for organizations to get verified on its platform. Currently, the only available …
Twitter Will Offer Free API Access For Public Announcement Accounts
Twitter announced it will revert to making its API free to use for accounts posting public announcements such as weather alerts, …
Twitter Will Require All Advertisers To Be Verified
It seems Twitter has found yet one more way to force users into paying for verification: Advertising on the platform …
The Twitter Blue Check Apocalypse Has Begun
Twitter has begun removing blue checkmarks from legacy verified accounts, leaving paid verification as the only way to own a …
