Hacker Breaches TeleMessage, Exposing U.S. Officials’ Communications
Reuters Reportedly Uncovers Wider Scope of Leaked Government Messages, Raising Data Security Concerns
A hacker breached TeleMessage, a communications service used by former Trump national security adviser Mike Waltz and other U.S. government officials, compromising messages from a wider range of officials than initially reported. A Reuters review of leaked data, provided by the nonprofit Distributed Denial of Secrets, identified over 60 unique government users, including disaster responders, customs officials, diplomatic staff, a White House staffer, and Secret Service members. The intercepted messages, spanning roughly a day ending May 4, 2025, were often fragmentary, and Reuters found no clearly sensitive content or chats involving Waltz or cabinet officials, though some messages related to senior officials’ travel plans, such as a Vatican event and a trip to Jordan.
TeleMessage, which adapts popular apps like Signal for government archiving, gained attention after a Reuters photo showed Waltz using it during a cabinet meeting. The service was suspended on May 5, 2025, by its owner, Smarsh, a Portland-based digital communications firm, “out of an abundance of caution.” Reuters verified the authenticity of some leaked messages, including one from a FEMA aid applicant and another from a financial services firm. Federal agencies, including the White House, State Department, and Department of Homeland Security, provided limited or no responses to inquiries about the breach, with FEMA denying evidence of compromised information despite Reuters presenting internal messages.
The breach raises concerns about data security, as federal contracting data shows agencies like the State Department, DHS, and CDC have used TeleMessage in recent years. The CDC noted it piloted the software in 2024 but found it unsuitable. Cybersecurity expert Jake Williams highlighted the counterintelligence risk posed by metadata in the leaked data, even if the message content appeared innocuous. Following the hack, CISA advised discontinuing TeleMessage use unless Smarsh provided mitigation guidance. The incident adds to scrutiny of Waltz, who faced prior controversy for a Signal chat mishap and was later nominated as U.S. ambassador to the United Nations.
This story originally appeared exclusively on Reuters