The messaging app that President Donald Trump’s national security advisor used during a recent Cabinet...
The messaging app that President Donald Trump’s national security advisor used during a recent Cabinet meeting suspended its services after a reported hack.
TeleMessage, the app in question, is a modified version of Signal and is marketed as a secure platform tailored for government and business communication.
The breach has sparked concerns about the security of sensitive government communications and potential violations of federal record-keeping protocols.
A spokesperson for Smarsh, the parent company of TeleMessage, confirmed the incident in a statement to CNBC: “TeleMessage is investigating a potential security incident. Upon detection, we acted quickly to contain it and engaged an external cybersecurity firm to support our investigation.”
The spokesperson added, “Out of an abundance of caution, all TeleMessage services have been temporarily suspended. All other Smarsh products and services remain fully operational.”
The suspension comes after a bombshell report by tech outlet 404 Media revealed that a hacker accessed message contents from TeleMessage’s customized versions of Signal, WhatsApp, Telegram, and WeChat.
According to the report, while the hacker did not obtain the messages of national security advisor Mike Waltz or the individuals he was communicating with, other sensitive communications were likely compromised.
Waltz seen using telemessage despite “Signalgate”
Waltz was seen using TeleMessage on his phone during a Cabinet meeting last Wednesday, just two days after Trump criticized Signal in an interview with The Atlantic. “I think we learned: Maybe don’t use Signal, okay?”
Trump said in the interview, referring to a previous scandal dubbed “Signalgate,” in which Waltz mistakenly added a journalist to a private Signal discussion about pending military plans.
Despite Trump’s past disapproval, the White House has continued defending the use of Signal, noting that it is pre-installed on government-issued devices.
TeleMessage, which allows chat archiving to comply with federal records laws, may have been chosen as an alternative to Signal’s auto-deletion feature, one of the points of concern in the original controversy.
Security trade-offs in government messaging tools
Although TeleMessage promotes its archiving features for legal compliance, 404 Media reported that the app could compromise Signal’s end-to-end encryption because messages may be stored elsewhere and retrieved later.
This storage mechanism, intended to support records retention, introduces a potential vulnerability in systems designed to ensure message privacy.
A spokesperson for Signal told NBC News, “We cannot guarantee the privacy or security properties of unofficial versions of Signal.”
Deportation airline GlobalX also targeted
The cybersecurity concerns extend beyond messaging tools. GlobalX, the airline at the center of Trump’s controversial deportation flights to El Salvador, has also been hacked.
A subdomain of GlobalX was defaced by hackers claiming to be affiliated with “Anonymous,” according to 404 Media.
The hacker shared files with the outlet, including flight records and passenger lists from January 19 to May 1.
404 Media cross-verified these files with official data, confirming matches, including deportee Kilmar Abrego Garcia records.
The attack raises further alarms about digital vulnerabilities in systems tied to national security and immigration enforcement.