Instagram kept deleted photos and messages on its servers for over a year

With the arrival of the GPDR for data protection and privacy, Instagram has set a new rule — if a user deletes photos or messages from his profile, they can only be stored on the servers for up to 90 days. However, an Instagram bug kept the deleted data longer, well over a year.

Security researcher Saugat Pokharel discovered the Instagram security bug in October 2019.

In 2018, Instagram included a tool under the European GDPR that entitles Europeans to access their data that allows users to download all their personal account data from servers.

Using this tool, in October 2019, Pokharel requested a copy of the photos and direct messages from the app, and the copy he subsequently received contained information that he had deleted more than a year ago.

Instagram has stepped up, claiming that this was due to a bug in its system that is now fixed, and Pokharel has been rewarded with an amount of $6,000 for discovering the problem.

According to Instagram, the problem did not go further, and there was no security breach.

Bhasker Dev
Bhasker Dev
Bhasker is our SEO Analyst and manages whole promotion. He is responsible for our website's visibility in all online social platform and search engines. He is also a freelance content creator who posts articles related to cybersecurity.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More from this stream