Report: Government Correspondence Regarding Altered Signal Copy ‘Telemessage’ Breached

Uncategorized Mihnea


Mike Waltz and Signal Leaks: A Security Drama Persists

Mike Waltz’s name has increasingly become associated with missteps in encrypted messaging — and his latest mistake only intensifies the situation.

Just weeks after he inadvertently included a journalist in a Signal group chat pertaining to a confidential military operation in Yemen, the former National Security Advisor finds himself embroiled in another controversy surrounding encrypted communications.

A report from 404 Media reveals that a hacker successfully infiltrated a government-utilized version of the Signal messaging application. This modified edition, created by Israeli tech firm TeleMessage, is intended for government use and incorporates features that archive messages to adhere to federal record-keeping regulations.

The hacker allegedly took advantage of a vulnerability in the application and gained access in under 30 minutes. While messages from Waltz and other cabinet officials were not directly compromised, the breach exposed sensitive information such as message content, contact information of government personnel, backend login credentials, and other confidential data.

Waltz’s use of the TeleMessage application came under scrutiny after Reuters documented him using it during a cabinet meeting — a detail initially reported by 404 Media on April 30. He was removed from his post the following day. Although the hack did not solely account for his departure, it exacerbated existing concerns stemming from the earlier Signal group chat incident as well as the public revelation of his use of the unofficial application.

The breach prompts serious questions regarding the security framework behind governmental communications. Notably, the incident implies that archived messages in the TeleMessage app lacked end-to-end encryption — a crucial security feature of the original Signal platform. The utilization of a third-party, modified version of Signal already presented a significant risk, which has now come to fruition.

In response to the incident, a Signal spokesperson reiterated the firm’s position: “We cannot guarantee the privacy or security properties of unofficial versions of Signal.”

As the repercussions unfold, the situation highlights the perils of depending on unofficial tools for sensitive governmental communications — and the critical importance of cybersecurity in national security operations.