Apple patches iPhone notification bug that preserved deleted messages
Forensic tools exploited cached alerts to recover Signal texts; disappearing chats depend on OS hygiene as much as encryption
Lorenzo Franceschi-Bicchierai
techcrunch.com
Apple has patched a bug that left the contents of “deleted” messages recoverable on iPhones, after investigators were able to pull notification text from device databases even when the underlying messages were set to disappear. The fix, shipped in an iOS and iPadOS update, addresses a flaw where notifications “marked for deletion could be unexpectedly retained on the device,” according to Apple’s security notice.
The issue matters because many users treat disappearing messages as a last-resort safety feature rather than a convenience. Apps such as Signal let users set timers so conversations vanish automatically, a design meant to limit what can be extracted if a phone is seized. But as TechCrunch reports, the message body can still surface in a lock-screen notification; if the operating system then caches that notification for weeks, the “disappearing” promise becomes conditional on a separate subsystem behaving perfectly.
The bug came to wider attention after 404 Media reported that the FBI had extracted deleted Signal messages from an iPhone using forensic tools, exploiting the fact that notification content had been stored in a database even after Signal deleted the conversation. Signal president Meredith Whittaker said the company asked Apple to fix the underlying behavior, arguing that notifications for deleted messages should not remain in an OS-level notification store.
Apple’s update suggests the retention was not an intentional feature but an error: notifications that should have been purged were instead kept for up to roughly a month, giving forensic tools a longer window than users would assume. The company has not publicly explained why the notification content was logged in the first place, and did not immediately respond to TechCrunch’s request for comment.
The episode underlines a recurring gap between how privacy features are marketed and how devices actually store data. End-to-end encryption protects messages in transit, but once plaintext is displayed on a screen it can be duplicated across caches, backups, previews, and system logs. Those secondary copies are attractive to investigators because they are often easier to extract than encrypted app databases, and they sit in parts of the operating system that users rarely inspect.
Apple says it has backported the fix to devices running older iOS 18 versions, meaning the vulnerability is not limited to the newest release train. For users who rely on disappearing messages for safety—journalists, activists, people in abusive relationships—the practical takeaway is less about one app than about the phone’s notification settings.
The bug was not in Signal’s encryption, but in the iPhone’s notification cache.