The recent suspension of the messaging app TeleMessage, utilized by President Donald Trump’s national security advisor, has raised significant concerns regarding the security of sensitive government communications. This action follows a reported breach that has prompted scrutiny over the app’s encryption capabilities and compliance with federal record-keeping protocols.
TeleMessage, a modified version of the popular secure messaging platform Signal, is designed specifically for government and business use. However, the app’s services were halted after a hack was disclosed, which led to fears that sensitive communications may have been compromised. A spokesperson for Smarsh, the parent company of TeleMessage, confirmed the situation, stating, “TeleMessage is investigating a potential security incident. Upon detection, we acted quickly to contain it and engaged an external cybersecurity firm to support our investigation.”
In a precautionary measure, all TeleMessage services have been temporarily suspended, while other Smarsh products remain operational. This decision follows a revealing report from tech outlet 404 Media, which indicated that a hacker had accessed message contents from TeleMessage’s customized versions of various messaging platforms, including Signal, WhatsApp, Telegram, and WeChat. Although the communications of national security advisor Mike Waltz were reportedly not accessed, the breach raises alarms about the potential exposure of other sensitive information.
Waltz seen using TeleMessage despite “Signalgate”
Waltz was observed using TeleMessage during a Cabinet meeting shortly after Trump publicly criticized Signal in an interview with The Atlantic. Trump remarked, “I think we learned: Maybe don’t use Signal, okay?” This comment referred to a previous incident dubbed “Signalgate,” where Waltz inadvertently included a journalist in a private Signal discussion concerning military plans.
Despite the President’s reservations, the White House has continued to defend Signal, noting its pre-installation on government-issued devices. TeleMessage was likely chosen for its chat archiving capabilities, which align with federal records laws, contrasting with Signal’s auto-deletion feature that had previously sparked controversy.
While TeleMessage promotes its archiving features for legal compliance, the report from 404 Media suggests that the app may compromise Signal’s end-to-end encryption by storing messages elsewhere, thus creating a potential vulnerability in privacy protections. A spokesperson for Signal emphasized, “We cannot guarantee the privacy or security properties of unofficial versions of Signal.”
Deportation airline GlobalX also targeted
The cybersecurity concerns are not limited to messaging applications. GlobalX, the airline involved in Trump’s contentious deportation flights to El Salvador, has also fallen victim to a hacking incident. A subdomain of GlobalX was reportedly defaced by hackers claiming affiliation with “Anonymous.”
Files shared with 404 Media included flight records and passenger lists from January 19 to May 1, which were cross-verified with official data, confirming the authenticity of the information, including records of deportee Kilmar Abrego Garcia. This breach further underscores the pressing issues surrounding digital vulnerabilities within systems linked to national security and immigration enforcement.
