Source: Joe Maring / iMore
What you need to know
- A worrying bug was discovered on Instagram's servers.
- Security researcher Saugat Pokharel discovered deleted Instagram photos and messages were kept by Instagram long after he deleted them.
- He found data that had been stored for more than a year.
A security researcher discovered a now-fixed Instagram bug that meant removed photos and messages were kept for more than a year after they were deleted.
A security researcher was awarded a $6,000 bug bounty payout after he found Instagram retained photos and private direct messages on its servers long after he deleted them.
Independent security researcher Saugat Pokharel found that when he downloaded his data from Instagram, a feature it launched in 2018 to comply with new European data rules, his downloaded data contained photos and private messages with other users that he had previously deleted.
As the report notes, it isn't "uncommon" for companies to keep data that has been deleted for a time, whilst it is properly removed from its network. Indeed, Instagram said that its own process takes about 90 days to fully remove deleted data from its system. You can imagine Pokharel's surprise when he found that data he'd supposedly deleted from his Instagram was still available from Instagram's data download tool more than a year after it had been deleted:
"Instagram didn't delete my data even when I deleted them from my end," he told TechCrunch.
According to the report, the bug was reported in October of 2019, and fixed by Instagram last month. In a statement Instagram said:
"The researcher reported an issue where someone's deleted Instagram images and messages would be included in a copy of their information if they used our Download Your Information tool on Instagram. We've fixed the issue and have seen no evidence of abuse. We thank the researcher for reporting this issue to us."
Given the report, it's unclear how widespread the issue may have been, or how long it had gone on for prior to fixing. It seems there's every possibility other users could have been affected by the problem, and as such, Instagram may have kept user's photos and messages for a lot longer than previously thought.

Phenomenal iOS 16 concept has all of the features you've been dreaming of
With Apple keeping its iOS 16 plans close to its chest, we already know that we'll be very happy indeed if it turns out to be anything like this new concept.

Review: SANDMARC's Macro Lens easily beats the native iPhone macro mode
While the iPhone 13 Pro is capable of Macro mode photography, it is far from perfect. With SANDMARC's 25mm Macro Lens, you can get even better macro photos with your iPhone 13 Pro, or even with older iPhones.

Woman's lost Apple Watch costs her $40K in fraudulent Apple Pay charges
A woman who says she dropped and lost her Apple Watch at the EPCOT Center has now filed a police report saying that she is on the hook for $40,000 in fraudulent credit card charges as a result.

Catch up with the latest Apple TV+ shows with the best streaming devices
Binge watch the latest season of Ted Lasso and so much more with the best streaming devices that support the Apple TV app.