The FBI recovered copies of Signal messages from a suspect’s iPhone even after the app had been deleted, according to testimony in a recent criminal case in Texas.

The information surfaced during proceedings tied to a July attack on the Prairieland ICE Detention Facility in Alvarado, where a group allegedly used fireworks to damage property and, in one instance, shot a police officer in the neck. 

According to courtroom documents reported by 404 Media, FBI Special Agent Clark Wiethorn said investigators accessed remnants of Signal communications through forensic analysis of a seized iPhone belonging to defendant Lynette Sharp.

Notes from trial attendees and defense attorney Harmony Schuerman indicated that only incoming messages were recovered through this method, while outgoing messages were not included.

Experts say that when message previews are enabled, incoming notifications, including parts of message content, can be stored in Apple’s notification database. Apple has not publicly detailed how long this data is retained or under what conditions it is stored.

The same effect may also apply to other messaging apps that display content in push notifications.

Signal, a widely used encrypted messaging app, allows users to control what appears in notifications, including options to hide message content or sender identity.

Experts say exposure can be reduced by disabling or limiting notification previews so that no or minimal information appears on the lock screen. Similar privacy settings are available across most messaging apps.

The Prairieland case ended in guilty verdicts on multiple charges.