It’s like these tech giants never learn. There’s a report that shows Twitter has been secretly storing your deleted DMs for years, even those from deactivated or suspended accounts. The report which was compiled by security researcher Karan Saini shows that when Twitter users choose to delete DMs, the platform doesn’t actually delete these messages from its database.
Saini downloaded his Twitter data only to find achieves of old messages from accounts that were actually not on Twitter any more. This is on top of an earlier reported bug that allowed developers to use an API (now deprecated) to retrieve deleted DMs from active accounts.
Of interest, is Twitter’s policy that after 30 days, a deleted account’s data will be completely discarded but Karan Saini’s discovery proves that this is not true. Whether this is a bug or a security oversight from the company, it casts a shadow of doubt on how serious these social media giants take privacy.
At least, the data is only available to the sender and recipient of the messages but what happens when an account gets compromised and unauthorised eyes get a look at these DMs, yet the subjects thought they had cleared their tracks.
Twitter, however, did respond to these claims saying that they were “looking into this further to ensure we have considered the entire scope of the issue,” read the statement sent to TechCrunch.