In early May, hackers compromised the TeleMessage messenger used by dozens of American officials, including the White House, diplomatic services, customs, FEMA, and the Secret Service. It was also used by Mike Waltz.
Reuters writes about this.
The publication writes that the hacker intercepted messages from more US officials than previously known. Reuters notes that this makes the incident even more serious and increases concerns about data protection in the Trump administration.
Reuters found more than 60 different government users of the TeleMessage messenger in the leaked data. The data was provided by the US nonprofit Distributed Denial of Secrets, which collects hacked and leaked documents in the public interest. The leaked material included messages from emergency services, customs, US diplomatic missions, at least one White House official and Secret Service personnel. The messages seen by Reuters spanned about a day, ending on May 4. Many were fragmented or incomplete.
Reuters was unable to verify all of the content of the TeleMessage leak, but in more than six cases, the agency was able to determine that the phone numbers in the leak did indeed belong to specific people. One recipient of the intercepted messages, a person who was applying for assistance from the Federal Emergency Management Agency, confirmed that her message was genuine. A financial company whose messages were also intercepted also confirmed their authenticity.
Reuters was unable to determine exactly how each agency used TeleMessage. Based on its limited analysis, the publication did not find anything that could be considered clearly confidential, and did not find any messages from Voltz or other ministers.
Meanwhile, cybersecurity expert Jake Williams, who previously worked at the National Security Agency, said that even if the texts in the intercepted messages did not contain important information, the metadata — that is, who communicated, when, and with whom — poses a threat at the level of counterintelligence. According to him, even without the messages themselves, this data is already very valuable information for intelligence.
Reuters writes that some of the messages were related to planning trips for high-ranking officials. For example, one group on Signal called POTUS | ROME-VATICAN | PRESS GC was likely related to organizing an event at the Vatican. Another was about trips by American officials to Jordan.
The White House said it was aware of the Smarsh cyberattack but did not comment on whether they used the platform. The State Department did not respond to requests for comment. The Department of Homeland Security, which oversees FEMA, CISA, the Secret Service and Customs and Border Protection, also remained silent. FEMA said in a letter that there was no evidence of a breach of its information, but did not respond to a request for internal messages sent to it. A Customs spokesman confirmed that TeleMessage had been disabled and that an investigation was ongoing.
Government procurement documents show that the State Department of Health and Human Services, the Department of Health and Human Services, and the Centers for Disease Control and Prevention (CDC) have all had contracts with TeleMessage in recent years. A CDC official wrote to Reuters that the agency tested the app in 2024 to see if it would meet its data retention requirements but ultimately decided it was not suitable. The status of other contracts remained unknown. A week after the leak, the U.S. cybersecurity agency CISA recommended that the app be discontinued unless Smarsh provided instructions on how to use it safely.
TeleMessage is an app that was previously little-known outside of government or financial circles. It gained media attention on April 30 when Reuters published a photo of Waltz testing TeleMessage’s privacy-focused version of Signal during a government meeting. The service adapts popular messaging apps and lets you store them in a way that meets government requirements. The service shut down on May 5 “for security reasons”.
Smarsh, a Portland, Oregon-based company that owns TeleMessage, did not comment on the leak.
- Mike Waltz was fired as national security adviser on May 1 after the Signal chat scandal, which included the editor-in-chief of The Atlantic. His duties are now being performed by Secretary of State Marco Rubio.
For more news and in-depth stories from Ukraine, please follow us on X.