The Threatpost offered a report on serious violation of GDPR rules by Instagram

Instagram kept copies of deleted pictures and private direct messages on its servers even after someone removed them from their account. The Facebook-owned service acknowledged the slipup and awarded a security researcher $6,000 for finding the bug.

Researcher Saugat Pokharel discovered the vulnerability when he downloaded his data last year from the photo-sharing app, according to a report on TechCrunch. The data included photos and private messages that he’d previously deleted, alerting him to a problem, he said.

Read more on Threatpost