Twitter found storing deleted direct messages even after years

By Digit NewsDesk | Published on Feb 17 2019
Twitter found storing deleted direct messages even after years

A security researcher has discovered that Twitter holds onto deleted direct messages even years after their deletion, even from suspended profiles

A quick look at some key features of Philips’ air purifiers

This handy little gadget has become a necessity, especially in metropolitan cities where pollution levels tend to be quite high

Click here to know more


  • Twitter holds onto deleted messages even after years of deletion
  • Even messages from suspended accounts are retained

A disturbing revelation about Twitter has emerged recently. According to TechCrunch, a security researcher named Karan Saini has discovered that the microblogging platform apparently holds onto deleted messages for years after their deletion by one or even both parties.

Saini discovered years-old messages in a file which was a part of his Twitter archive. The file included messages that he claims had been deleted, but more shockingly, were from accounts that had been suspended. Twitter allowed users to unsend direct messages by deleting it from their own inbox, but Twitter disallowed this a few years ago. Twitter now allows users to delete messages from their inbox only, but what Saini found was that even when both users had deleted a message from their respective inboxes, Twitter still held onto a copy for years. In fact, Twitter was also found holding onto messages from accounts that have been suspended. Twitter says in its privacy policy that anyone wanting to leave the service can have their account “deactivated and then deleted.” After a 30-day grace period, the account disappears, along with its data. Clearly, that has found to not be the case here.

This revelation raises serious concerns about the integrity of the “delete” button. However, while Twitter may have been found to be in violation of its own privacy policy, both Facebook and Google do state clearly in theirs that they may retain used data even after it has been deleted by the user, or the account removed altogether.

A Twitter spokesperson told TechCrunch that the company was “looking into this further to ensure we have considered the entire scope of the issue.” Twitter does now face a difficult situation not just with user trust, but also with the implementation of Europe’s GDPR law.

Related Reads: Twitter testing pop-up mini profile to make threads easier to read

Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.