Tell a story.

On the afternoon of March 24th, a young mother in Hebei opened Meituan to order takeout for her child when suddenly a prompt appeared: "Detected that Meituan has deleted images and videos, successfully intercepted." Her heart tightened, she exited the app and opened her photo gallery—thousands of photos and videos documenting her child's growth over the past five years, as well as the only remaining footage of a deceased loved one—all gone. She froze there, thinking her phone had a problem, and took it to a repair shop. The technician said the phone was neither infected nor malfunctioning. That night, she scoured the recycle bin on her phone but couldn't recover a single photo.

This sounds like a digital catastrophe, but it actually happened. Starting from March 18th, many Android users began posting nearly identical system interception screenshots on social media: "Your photos have been deleted by the 'Meituan' app."

Some lost dozens of casual photos; others lost a full 504GB of family memories accumulated over six years; some even had encrypted files—ID scans, work contracts—silently wiped out. The most despairing part is that even when they barely recovered files from the recycle bin, some appeared corrupted or garbled, turning into useless files. A user from Hunan sighed bitterly: "I just wanted to order a hot meal, and now all my long-held memories are gone."

In response to public outrage, Meituan issued a public apology on March 24th, attributing the issue to a technical glitch: in rare cases, when the Android system's app cache is cleared, a conflict with third-party SDKs causes path recognition errors, mistakenly treating the user's photo album directory as a cache directory. Official data shows that over 180 users contacted support, likely affecting hundreds of people.

Meituan emphasized that the deletion was only performed locally, and the platform did not read, upload, or leak any personal data. They also quickly fixed the vulnerability, formed a special team, and promised to cover all data recovery costs and compensate for actual losses. However, many users remain unconvinced—not because the apology lacked sincerity, but because this incident revealed a harsher reality: the precious memories stored safely on our phones have long been turned into a "privacy mine" exploited freely by tech giants.

Why did only Android users suffer, while Apple iOS users escaped unscathed? The answer lies in the permission mechanisms of the two systems. Older versions of Android have relatively lax storage permission management. When users grant "storage/photo permissions" to upload images or reviews, the app automatically gains full read/write/delete access to shared storage. It’s like handing over the keys to every room in your house just to give a note. In contrast, iOS acts like a strict butler—apps cannot directly access photo files; they must request permission from the system, and users must manually authorize each access, fundamentally preventing unauthorized deletion.

Even more alarming is that Meituan, a food delivery app whose core functions are location, ordering, and payment, surprisingly has full storage permissions—this is the biggest hidden risk behind such accidental deletions.

Every day, we mindlessly click "Agree" for convenience; after granting permissions, we have no idea what apps do with our data in the background. This long-standing permission chaos has already caused user anxiety, and this incident has completely ignited that anxiety.

This event serves as a wake-up call: data security on your phone is never a trivial matter. If you use an Android device, immediately go to 【Settings】 - 【App Permissions Management】, find Meituan, and change the "Storage/Photos" permission to "Allow only while using the app." Android 11 and above support more granular permissions—when uploading photos, select "Allow access to only selected photos" instead of granting full album access. Most importantly, develop a habit of regular backups—use cloud storage, computers, or external hard drives to keep multiple copies.

In an era where even a food delivery app can "accidentally delete" all your personal data, relying on internet companies' self-discipline is unrealistic. We must learn to protect our privacy and data through technical means.