I hate to be that guy but did you actually read the comment? It said "after". So not the moment he signed in, 15 minutes after where to all intents and purposes that should have been impossible.
After all, we can sign people up in 20 milliseconds, I don't see why marking an account as in the process of deletion should be so hard.
GDPR allows up to a month (or more in special circumstances) to delete the account:
> The controller shall provide information on action taken on a request under Articles 15 to 22 to the data subject without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. The controller shall inform the data subject of any such extension within one month of receipt of the request, together with the reasons for the delay. Where the data subject makes the request by electronic form means, the information shall be provided by electronic means where possible, unless otherwise requested by the data subject
Furthermore deletion of the account and information doesn't need to be done instantious, e.g. doing the cleanup once a day in a batch job is ok.