Twitter has been reportedly retaining messages for years that are being deleted by the users, according to a report by Techcrunch. Security researcher, Karan Saini, who went through the archived files of the website found messages that were over a year old. The messages were supposedly sent from accounts that were no longer available on the social media platform.
This isn’t the first time Twitter has been in the news for such an issue. About a year ago, Saini had reported a similar bug which allowed him to access deleted messages using a simple API. This could be a serious issue of privacy breach shown by Twitter.
A Twitter spokesperson said the company was “looking into this further to ensure we have considered the entire scope of the issue.”
According to the rules on its privacy policies, whenever a user leaves Twitter, they can do so by deactivating and deleting their account. After the grace period, which is 30 days, all the data from the account will be automatically deleted from the database. This easily put Twitter in the legal grey area, especially amidst Europe’s data protection law which precisely states that the user can demand a company to delete their data.
This bug allows literally anyone to gain access to the data of deleted or suspended accounts. Under such circumstances, high-profile persons such as government officials, journalists, social activists, etc. could be in potential trouble of losing data to the wrong hands.
Image via Shutterstock