A sophisticated hacking incident targeting TeleMessage, a government-approved messaging platform, has raised serious concerns about the security of communications used by Trump administration officials.
According to the Daily Caller, an unidentified hacker successfully breached TeleMessage's modified version of Signal, accessing archived communications and exposing sensitive data belonging to multiple federal agencies and financial institutions.
The breach occurred through a vulnerable Amazon Web Services endpoint, compromising data from Customs and Border Protection (CBP), cryptocurrency exchange Coinbase, and various crypto lobbyists. The incident has drawn particular attention due to National Security Advisor Mike Waltz's recent public use of the service during a cabinet meeting.
The hacker, speaking about the ease of the breach, provided a concerning assessment of TeleMessage's security measures:
"I would say the whole process took about 15-20 minutes. It wasn't much effort at all … If I could have found this in less than 30 minutes then anybody else could too. And who knows how long it's been vulnerable?"
TeleMessage, an Israel-based subsidiary of U.S. company Smarsh, markets its platform as a solution for archiving encrypted communications while maintaining compliance with federal regulations. The company modifies popular encrypted messaging apps like Signal, WhatsApp, and Telegram to meet government archiving requirements.
The compromise revealed extensive data, including group chat contents, direct messages, phone numbers, email addresses, and internal credentials from TeleMessage's backend system. Nearly 750 names and contact details associated with CBP were exposed in the breach.
The breach exposed conversations related to cryptocurrency legislation, including real-time discussions about legislative whip counts. These communications mentioned Democratic Senators Angela Alsobrooks and Kirsten Gillibrand, revealing sensitive political strategy discussions.
The exposed data also included metadata from financial institutions like Coinbase and Scotiabank, compromising the contact information of current and former employees. While cabinet officials' messages remained secure, the breach affected various government agencies and private sector entities using the platform.
This security incident follows recent controversy surrounding Waltz, who accidentally added Atlantic editor-in-chief Jeffrey Goldberg to a Signal group chat discussing Yemen military operations. The inadvertent exposure of his TeleMessage use during a White House meeting initially drew media attention to the platform.
TeleMessage's modification of Signal effectively removes the app's core privacy feature of end-to-end encryption by introducing a third-party archive server between sender and recipient. This trade-off between security and regulatory compliance has sparked debate about the effectiveness of such solutions.
The White House has maintained that Signal is an approved app for government use, but has not clarified whether modified versions like TeleMessage's fall under this authorization. The company has since removed content from its website following media coverage of the breach.
Neither TeleMessage nor White House officials have provided immediate responses to requests for comment about the security incident.
The TeleMessage platform breach has exposed significant vulnerabilities in government-approved communication systems designed to balance security with regulatory compliance. A hacker managed to access sensitive data from multiple federal agencies and financial institutions through TeleMessage's modified Signal platform in just 20 minutes. The incident has sparked concerns about the security of government communications, particularly affecting Trump administration officials who rely on the platform for secure messaging while maintaining compliance with federal archiving requirements.