Apple patches iOS flaw that preserved deleted Signal notifications for forensic recovery

A bug in iOS retained notification data even after users deleted the underlying messages, giving anyone with physical device access — including forensic tools used by the FBI — a path to recover content from secure messengers like Signal. The defect undermined a core assumption of ephemeral and end-to-end encrypted messaging: that a deletion on-device actually removes the data from disk.

Apple has shipped a patch closing the retention gap, so notification payloads are cleared in line with the message state rather than lingering in a separate cache. The fix matters less for the specific FBI case cited and more for the pattern it exposes — secondary data stores (notifications, previews, spotlight indexes) routinely outlive the primary data and become the easiest forensic target. Users on older iOS builds remain exposed until they update.