Bug lets Twitter save your DMs—even after you delete them

You should know by now that whenever you put something on the internet, it will stay there forever. Well, that sentiment holds true when it comes to your Twitter direct messages. It turns out Twitter does not truly get rid of your DMs, even after you delete them, the Verge reports.

A security researcher told TechCrunch that he found a bug on Twitter: The social media platform stores users’ DM data for years, even after it’s deleted. “When you delete a Direct Message or conversation (sent or received), it is deleted from your account only. Others in the conversation will still be able to see Direct Messages or conversations that you have deleted,” according to the Twitter Help Center.

The researcher also found that Twitter keeps DM data from suspended or deactivated accounts, and you can retrieve deleted DMs by downloading your account’s archived data.

The researcher, New Delhi-based Karan Saini, filed the report through HackerOne, a “Bug Bounty Platform” that finds errors in platforms like Twitter.

About a year ago, Saini found a similar bug on the social media platform “that allowed him to use a since-deprecated API to retrieve direct messages even after a message was deleted from both the sender and the recipient — though, the bug wasn’t able to retrieve messages from suspended accounts,” according to TechCrunch.

A Twitter spokesperson told the Daily Dot that the newly discovered bug is “functional,” rather than a security bug, which would pose a much larger risk.

“We are still looking into this further to ensure we have considered the entire scope of the issue,” the spokesperson said.


  • New website will endlessly generate fake faces thanks to AI
  • How to protect yourself from the data breach that affected 744 million accounts
  • Facebook faces pressure from Congress to reduce anti-vaccination exposure

H/T the Verge

The post Bug lets Twitter save your DMs—even after you delete them appeared first on The Daily Dot.


Leave a Reply

Your email address will not be published. Required fields are marked *

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.