Apple patches iOS bug that exposed deleted Signal chats to law enforcement

Context The issue surfaced after 404 Media reported that iOS was storing parts of encrypted Signal messages in its push notification store for up to a month. Even when users set messages to disappear and later removed the Signal app, the data remained accessible to forensic tools. The FBI testified in a court hearing that it could extract those copies from a defendant’s iPhone after the app had been deleted.

Key Facts Apple confirmed the bug stemmed from a logging failure that failed to redact data before writing it to the notification database. The company said the notifications should never have been stored, but the flaw left them marked for deletion yet retained on the device. Signal publicly thanked Apple for the rapid fix, noting that updating iOS protects users without any further action.

What It Means For privacy‑focused users, the episode shows how operating‑system features can unintentionally undermine end‑to‑end encryption. Law‑enforcement agencies can leverage existing forensic processes to retrieve data that users believed was erased. The fix closes that specific avenue, but it highlights the need for continual scrutiny of system‑level logging and data retention practices.

Mitigations Users should update their iPhones to iOS 17.5 or later, which includes the patch for this logging issue. Verify the update under Settings → General → Software Update. If immediate updating is not possible, disable push notifications for Signal in Settings → Notifications → Signal and clear the notification history. Organizations managing fleets should enforce the update via MDM and audit notification settings on iOS devices.

What to watch next Monitor whether similar logging issues appear in other apps’ use of push notifications and how Apple’s future iOS releases handle data minimization in background services.