Apple fixes iPhone privacy flaw that left deleted messages recoverable

Deleted did not always mean gone on iPhones and iPads. Apple released iOS 18.7.8 and iPadOS 18.7.8 on April 22, 2026 to close a privacy flaw in Notification Services that could leave message previews recoverable for as long as a month, even after users erased the original message inside apps such as Signal and WhatsApp.

Apple said the bug affected notifications marked for deletion, which could be unexpectedly retained on the device. The company described the fix as addressing a logging issue with improved data redaction, and it backported the patch to older supported devices, including iPhone XR and later and iPad mini 5th generation and later. The move suggests Apple viewed the problem as serious enough to reach across the installed base, not just the newest phones.

The concern deepened after reports said federal investigators had been able to recover deleted Signal messages from a suspect’s iPhone by pulling them from the notification database. The recovery came up in testimony in a criminal case tied to the July incident at the ICE Prairieland Detention Facility in Alvarado, Texas. According to that account, only incoming Signal messages were recoverable through the notification database, not outgoing ones.

Signal has long warned that disappearing messages are a limited safeguard, not a guarantee against a determined adversary. Its support documentation says messages disappear from devices after the timer elapses, but also notes that message data lives locally on the device and that deleting messages for everyone is only a best-effort process. Signal first added disappearing messages in 2016, and the company says its protocol protects the contents of billions of conversations across major apps.

Meredith Whittaker pushed Apple to address the issue publicly, arguing that deleted notifications should not remain in an operating-system database at all. The episode underscores a hard truth about modern phone security: the delete button inside an app is only one layer of protection. When operating-system notifications preserve content behind the scenes, the gap between a user’s expectation of privacy and what a forensic tool can recover can be wide enough to matter in criminal cases, in legal work, and in conversations people thought had vanished.