TeleMessage, the messaging application that gained attention when former national security adviser Mike Waltz was seen utilizing it during a Cabinet meeting, has temporarily halted all services following a reported security breach. A spokesperson for Smarsh, the parent company of TeleMessage, confirmed on Monday that the organization is actively investigating a potential security incident. “Upon detection, we acted quickly to contain it and engaged an external cybersecurity firm to support our investigation,” the spokesperson stated.
In a precautionary measure, all TeleMessage services have been suspended. The app, which employs encryption technology akin to that of the widely-used messaging platform Signal, also provides government agencies and corporations with a means to archive chat conversations for compliance purposes. This feature had previously drawn scrutiny, particularly after Waltz’s use of the app reignited discussions about the security of communication methods, especially in light of the “Signalgate” controversy, where he inadvertently invited a journalist into a sensitive Signal chat regarding military operations.
Government Response and Security Concerns
In light of the cyber incident, Customs and Border Protection (CBP) has ceased its use of TeleMessage. A spokesperson from the Department of Homeland Security remarked, “Following the detection of a cyber incident, CBP immediately disabled TeleMessage as a precautionary measure. The investigation into the scope of the breach is ongoing.” While Signal is widely recognized for its robust encryption, the specifics surrounding TeleMessage’s security protocols remain somewhat ambiguous.
Although encrypted messaging applications have become increasingly prevalent within the U.S. government, they present challenges for officials bound by laws mandating the preservation of correspondence. This creates a delicate balance between the necessity for confidentiality and the requirement for archiving. TeleMessage had previously touted its design as a solution for this very issue, although that promotional content has since been removed from its website.
On Sunday evening, a hacker claimed to NBC News that they had infiltrated a centralized TeleMessage server and downloaded a substantial amount of data. As proof, the hacker provided a screenshot of TeleMessage’s contact list for employees at Coinbase, a cryptocurrency broker that utilizes the app. A Coinbase spokesperson verified the authenticity of the screenshot but emphasized that Coinbase itself had not been compromised and that customer data remained secure. “At this time, there is no evidence any sensitive Coinbase customer information was accessed or that any customer accounts are at risk,” the spokesperson clarified.
The hacker indicated that they had not yet thoroughly examined the stolen files, leaving it uncertain whether they contained sensitive communications from U.S. government officials. Multiple government agencies, including the Department of Homeland Security, the Department of Health and Human Services, the Treasury Department, and the U.S. International Development Finance Corporation, reportedly have active contracts with TeleMessage or related entities, as per government records reviewed by NBC News.
In a separate development, another hacker informed the tech news outlet 404 Media that they too had breached TeleMessage and provided substantial evidence of their claims. NBC News has not engaged with this individual. As the investigation continues, it remains unclear whether additional hackers have accessed TeleMessage’s files.
