Saugat Pokharel, a cybersecurity researcher from Nepal was awarded a $6,000 bug bounty by Instagram.
He found out that the photos and private direct messages of users were retained by Instagram servers even after deleting them.
To comply with European data rules, Instagram had added a feature that lets users download their data i.e images and direct messages.
Saugat Pokharel who’s an independent security researcher downloaded his data from Instagram but he was sent deleted data as well. This showed that the data were never completely cleaned up from Instagram servers.
Instagram says this was due to a bug in its system which is now fixed and Saugat Pokharel has been awarded a $6,000 bug bounty for highlighting the bug.
A spokesperson for Instagram told TechCrunch: “The researcher reported an issue where someone’s deleted Instagram images and messages would be included in a copy of their information if they used our Download Your Information tool on Instagram. We’ve fixed the issue and have seen no evidence of abuse. We thank the researcher for reporting this issue to us.”
As per the reports of TechCrunch, Saugat Pokharel discovered the bug in October last year but it was only fixed earlier this month.
Normally, even if we delete data from the cloud servers of any application it takes some time to totally delete the data. Usually, some applications like Google Drive save the deleted items for some time in the trash folder.
According to TechCrunch, Instagram said it takes about 90 days for deleted data to be fully removed from its systems.
However, Saugat Pokharel was able to download his data which was deleted more than a year ago.
“Instagram didn’t delete my data even when I deleted them from my end.” he told TechCrunch.
There has been no report from Instagram saying if this issue affected all the Instagram users. It’s an identical issue that Twitter fixed last year.
Twitter users were able to access deleted direct messages including messages sent to and from suspended/ deactivated accounts using Twitter’s own data download tool.
Samsung Galaxy A04 with Unisoc SC9863A to Launch Soon in NepalSamsung unveiled its new budget phone — the Samsung Galaxy A04 on August 24, 2022.…
Purple Launches a Bunch of New Accessories in NepalEarlier this year, a new Nepali accessory brand Purple was launched in Nepal, debuting three…
Honor 70 with 54MP Sensor to Launch Soon in NepalHonor is ready to launch Honor 70 in Nepal. It is Honor’s upper mid-range smartphone…