Best practice is to avoid using email as primary key in the user database, instead use an internal ID, so that an email change can happen without touching the primary key.
Your reply made me think of an alternative to deleting accounts : replace personal information to use a pseudonym and a throwaway email, remove everything that can be removed.
That would help once the badly coded website get hacked or its database get leaked.
Likely bad coding or bad database design.
Best practice is to avoid using email as primary key in the user database, instead use an internal ID, so that an email change can happen without touching the primary key.
Your reply made me think of an alternative to deleting accounts : replace personal information to use a pseudonym and a throwaway email, remove everything that can be removed.
That would help once the badly coded website get hacked or its database get leaked.