There is a vulnerability in Apple Mail that causes emails sent encrypted to end up on the internal storage unencrypted. Apple promises to fix the security issue after a researcher found it months ago.
In a statement, Apple indicates that it is aware of the problem with Apple Mail and that it will be repaired in a future software update. However, when that software update will be released is not clear. The leak was discovered by security researcher Bob Gendler, who already informed Apple at the end of July, he in a blog post on Medium.
Gendler found database files on the internal storage of a MacOS device that are used by Siri to make recommendations to the owner of the system. Among other things, it does this by looking at the content of e-mails, which also involves encrypted e-mails. One of those database files, called snippets.db, contains the unencrypted content of emails sent encrypted via Apple Mail.
The vulnerability could allow a potential hacker to read the contents of encrypted emails. It should be noted, however, that the risk of e-mail theft is probably very low. This must be encrypted e-mails sent from Apple Mail, where the user has not applied encryption to the file system in any other way. A hacker must also be able to make the database files accessible.
According to Gendler, encrypted e-mails are also stored in snippets.DB when Siri is disabled. In addition, this happens in various versions of macOS; Gendler tried Catalina, Mojave, High Sierra and Sierra. However, it is possible to turn off the saving of the e-mails, by indicating this in the privacy settings for Siri.