Related Articles
A hacker reportedly stole customer data from a company that makes a Signal-like app that former National Security Adviser Mike Waltz was seen using in a Cabinet meeting with President Donald Trump.
The hack includes direct messages and personal information from TeleMessage apps, 404 Media reported Sunday. TeleMessage is an Israeli company that makes modified versions of Signal, WhatsApp, and other messaging platforms, but allows users to archive messages. The app is not fully end-to-end encrypted, which is concerning considering high-ranking Trump administration officials appear to be using it. Signal is fully end-to-end encrypted.
“I would say the whole process took about 15-20 minutes,” the hacker told 404 Media about accessing the data. “It wasn’t much effort at all.”
Trump removed Waltz from his role as national security adviser and nominated him to become U.S. ambassador to the United Nations last week. Waltz’s competence came into question after he added Atlantic editor Jeffrey Goldberg to a Signal chat about plans for military strikes in Yemen. The flub led to a firestorm of criticism about the administration’s recklessness with sensitive information, both because of Goldberg’s presence in the chat as well as the fact that top officials were using an app vulnerable to phishing attacks like Signal.
Last week, a Reuters photo showed Waltz using TeleMessage with chats labeled “J.D. Vance” and “Gabbard.” The hack reignites concerns about the security of Waltz’s messages.
Information the hacker accessed did not include Waltz’s communications, but reportedly includes names, phone numbers, and email addresses of Customs and Border Protection officials, as well as information about some financial institutions. It is also possible that the Intelligence Branch of the Washington, D.C., Metropolitan Police is using the app.
TeleMessage reportedly has contracts with government agencies including the State Department and Centers for Disease Control and Prevention. It is likely that the government uses TeleMessage in order to comply with rules about document retention.
The hacker did not access all TeleMessage content, but potentially could have accessed more. 404 Media does not know the identity of the hacker. However, journalists Joseph Cox and Micah Lee were able to independently verify material from the hack.
The person who accessed the data said they were “just curious how secure it was.”
One hacked message that seems to be linked to the crypto firm Galaxy Digital was about a cryptocurrency bill that a group of Senate Democrats said on Saturday they would oppose, showing that the hacker was able to access recent data.
TeleMessage claimed in a YouTube video, which has since been made private, that it keeps “intact the Signal security and end-to-end encryption when communicating with other Signal users.”
“The only difference is the TeleMessage version captures all incoming and outgoing Signal messages for archiving purposes,” the video says, according to 404 Media.
Contrary to TeleMessage’s claims, by sending messages somewhere to be stored, they add a third party that could in turn store the messages incorrectly. The data the hacker accessed was on its way to getting archived.
“We cannot guarantee the privacy or security properties of unofficial versions of Signal,” a Signal spokesperson told 404 Media.
“If I could have found this in less than 30 minutes then anybody else could too. And who knows how long it’s been vulnerable,” the hacker said.
