In a major surprise, a security researcher has discovered Twitter doesn't really remove direct messages from its servers even when you delete them. Karan Saini downloaded the archived data for his account and found that the company has been storing deleted DMs dating years back. So, if you've been thinking your DMs are gone for good, you're probably wrong. Here's more on the issue.

Issue Years-old deleted direct messages accessed

When you delete a DM, the idea is that the message goes away from your side of the conversation as well as from Twitter's servers. So, technically, if both parties engaged in a conversation delete DMs, they should go away completely from the company's servers. But, Saini discovered that's not the case; deleted messages can be accessed through a file in archived Twitter data.

Added issue Plus, data from deactivated accounts can also be accessed

Along with deleted messages, Saini also found that DMs sent to and from accounts that have been suspended and deactivated can also be accessed, TechCrunch reported. This is in stark contrast of Twitter's policy which claims once an account has been deleted and deactivated, the account in question and the data associated with it is removed permanently after a 30-day-long grace period.

Twitter's response Twitter is looking into the matter

Though the issue is not major because deleted DMs can only be accessed by the parties involved in the conversation, it does raise some concerns. Saini maintained it is a "functional bug" and not a security flaw. Meanwhile, Twitter has acknowledged the issue and said it is "looking into this further to ensure we have considered the entire scope of the issue."

Information Twitter, too, has been marred by bugs