The FBI successfully recovered deleted messages from the encrypted messaging app 'Signal,' revealing that the messages remained in the iPhone's notification database.

IT news site 404 Media has reported that the FBI successfully recovered messages from the encrypted messaging app 'Signal' during the trial of an Immigration and Customs Enforcement (ICE) officer who was shot in the neck at an ICE detention facility in Alvarado, Texas, in July 2025.

FBI Extracts Suspect's Deleted Signal Messages Saved in iPhone Notification Database

https://www.404media.co/fbi-extracts-suspects-deleted-signal-messages-saved-in-iphone-notification-database-2/

FBI used iPhone notification data to retrieve deleted Signal messages - 9to5Mac
https://9to5mac.com/2026/04/09/fbi-used-iphone-notification-data-to-retrieve-deleted-signal-messages/

Lynette Sharpe, one of the defendants in the case, pleaded guilty to providing material support to terrorists, and during the trial related to that case, it was revealed that the FBI was able to recover the contents of Signal messages received on Lynette Sharpe's iPhone.

According to evidence submitted in court, although the Signal app itself had been deleted from the iPhone, the 'received notification' for messages received via Signal was stored in the internal memory, and the message was retrieved from the remaining notification data. On the other hand, sent messages, which are not stored in the notification database, could not be recovered.

Signal's settings include a setting to prevent messages from being read via notifications, which would allow the message content to be hidden. However, Sharp had not enabled this setting, which is why the message data was read.

Furthermore, the tokens used for iOS push notifications are not immediately deleted even if the app is removed. The server has no way of knowing whether the app has been removed since the last notification was sent, and may continue sending notifications. The iPhone then decides whether or not to display the notification.

It is unclear exactly how the FBI recovered the messages, but 9to5Mac, an Apple-focused news site that reported on the case, speculates that they may have accessed the information using commercially available tools intended for law enforcement from a device backup.