this post was submitted on 20 Apr 2026
2 points (100.0% liked)

Privacy

9773 readers
47 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 2 years ago
MODERATORS
iopq@lemmy.world
2
deleteduser.com - a $15 Personally Identifiable Information (PII) Magnet (mike-sheward.medium.com)
submitted 3 weeks ago by artwork@lemmy.world to c/privacy@lemmy.world
1 comments fedilink hide all child comments
 

...deleting records could cause big problems. Referential integrity across database tables simply wouldn’t allow it... it would cause a resonance cascade.

So, to get around the problem, a lot of places simply "overwrite" records when they are deleting them. They replace certain fields with garbage so the structure of the data remains, but the human elements are no longer present. At the heart of those "certain fields" are email addresses, the most widely used identifiers on all the web. And that, dear reader, is how we got to this cursed discovery.

I saw a discussion on the internet where someone mentioned that they deleted users in their app by overwriting their email addresses with $somethingRandom@deleteduser.com. Mmm, I thought - I wonder how common of a thought process that is? I bet whoever owns deleteduser.com gets loads of emails!

I decided to check it out, but to my genuine surprise - no one owned deleteduser.com, so now I do.

Source [web-archive]

top 1 comments
sorted by: hot top controversial new old
[–] scott@lem.free.as -1 points 3 weeks ago

.invalid is a TLD which isn't publicly routable.