It seems Instagram wasn’t quite honest with its users when it gave them the option to permanently delete their messages and photos. Security researcher Saugat Pokharel has clinched a $6,000 bug bounty after noticing that the service kept messages and photos on its servers long after users wiped them, TechCrunch reports. The discovery was possible thanks to Instagram‘s own data download tool, which the company released in 2018 to comply with GDPR. It’s pretty standard practice for companies to retain freshly deleted data on their servers until it can be properly wiped. Instagram says it takes 90 days to fully erase…

This story continues at The Next Web

Or just read more coverage about: Instagram