A hacker who infiltrated the communications platform used by former Trump national security adviser Mike Waltz earlier this month accessed messages from a significantly wider group of US government officials than initially reported, according to a Reuters investigation.
The breach targeted TeleMessage, a secure messaging service used by various federal agencies, and revealed intercepted data from more than 60 unique government users. The leaked cache, obtained by the nonprofit Distributed Denial of Secrets, included messages linked to disaster response personnel, customs officers, US diplomatic staff, one White House official, and members of the Secret Service.
Though the intercepted communications, covering approximately a 24-hour period ending on May 4, were largely fragmented, Reuters was able to verify several messages. In one instance, a Federal Emergency Management Agency (FEMA) aid applicant confirmed the authenticity of a leaked text. A financial services firm also confirmed that its communications had been compromised.
The breach gained public attention after an April 30 Reuters photo captured Waltz using TeleMessage’s version of the privacy-focused app Signal during a cabinet meeting. Since then, concerns have grown over the platform’s use within the US government and its exposure to cyber threats.
Reuters could not verify the full extent of the leak or determine how each agency had been using TeleMessage. However, several intercepted messages appeared to touch on the travel plans of senior officials. One Signal group, labelled “POTUS | ROME-VATICAN | PRESS GC,” seemed to refer to event logistics involving the President at the Vatican, while another referenced an official trip to Jordan.
TeleMessage, which repackages popular messaging apps to ensure compliance with government data archiving rules, has been offline since May 5. Its parent company, Portland-based Smarsh, has not responded to requests for comment.
The White House acknowledged the breach in a brief statement, saying it was “aware of the cyber security incident at Smarsh” but declined to provide further details. The State Department did not respond, while the Secret Service confirmed a “small subset of Secret Service employees” had used TeleMessage and said it was assessing the breach. FEMA stated it had “no evidence” of compromised information but did not comment on internal messages shown to them. US Customs and Border Protection reiterated it had disabled the platform and launched an investigation.
Faridah Abdulkadiri
Follow us on:
