A hacker has reportedly accessed sensitive user data from TeleMessage, an Israeli-made messaging platform used by various government agencies and officials, including former U.S. National Security Adviser Mike Waltz. The breach, reported by 404 Media, revealed access to direct messages and personal details such as names, emails, and phone numbers. While Waltz’s own messages were not part of the leak, the incident has reignited fears over the use of non-fully encrypted platforms in high-security environments.
++ This is what happens to your body after a quick play with a dog
TeleMessage, which modifies popular messaging platforms like Signal and WhatsApp to allow message archiving, does not offer full end-to-end encryption. This is in contrast to Signal’s original version, which is considered secure. A Reuters photo recently showed Waltz using TeleMessage during a Cabinet meeting, with conversations labelled “J.D. Vance” and “Gabbard.” The incident follows criticism over a previous security mishap, where Waltz mistakenly added a journalist to a Signal group discussing military plans.
The hacker, who claimed the intrusion took less than 20 minutes, stated their motivation was curiosity about the platform’s security. The breach reportedly affected users linked to U.S. government bodies including Customs and Border Protection, and possibly even the D.C. Metropolitan Police’s Intelligence Branch. TeleMessage is known to have contracts with federal departments like the State Department and the CDC, likely due to its compliance with document retention regulations.
++ Cynthia Erivo to narrate audiobook of Wicked ahead of movie sequel release
Though the full scope of the hack remains unclear, the exposure of recent discussions, including those potentially involving cryptocurrency policy, has underscored concerns around unofficial versions of secure messaging apps. Signal has distanced itself from these modified clients, warning they cannot guarantee privacy or security. As scrutiny grows, this event raises urgent questions about data protection practices within sensitive government communications.
