Hacker exposes the data of dozens of officials by breaching the US Government Messaging App

Messages from more than 60 officials from several federal agencies were made public after a hacker gained access to an encrypted US government messaging program.

According to a Reuters investigation, a hacker who gained access to the messaging channel that former Trump national security adviser Mike Waltz used earlier this month was able to view texts from a far larger number of US government personnel than first thought.

The hack exposed intercepted data from over 60 distinct government users and targeted TeleMessage, a secure messaging service utilized by several federal institutions. The charity Distributed Denial of Secrets was able to access the leaked cache, which contained messages associated with members of the Secret Service, customs officials, US diplomatic staff, one White House official, and disaster response professionals.

Reuters was able to confirm multiple exchanges, despite the fact that the intercepted communications, which spanned around a 24-hour period ending on May 4, were mainly fragmentary. Once, an application for Federal Emergency Management Agency (FEMA) assistance attested to the veracity of a leaked text. Additionally, a financial services company acknowledged that its communications were compromised.

After a Reuters photo from April 30 showed Waltz using TeleMessage’s version of the privacy-focused software Signal during a cabinet meeting, the breach became widely known. Since then, worries about the platform’s use by the US government and its vulnerability to cyberattacks have increased.

Reuters was unable to ascertain how each agency had been utilizing TeleMessage or confirm the entire scope of the breach. Nonetheless, a number of intercepted messages seemed to discuss key officials’ travel schedules. While one Signal group, titled “POTUS | ROME-VATICAN | PRESS GC,” alluded to an official travel to Jordan, another appeared to be about event logistics involving the President at the Vatican.

Since May 5, TeleMessage, which repackages well-known chat programs to guarantee adherence to government data archiving regulations, has been unavailable. Requests for comment from its parent business, Smarsh, based in Portland, have not been answered.

In a succinct statement, the White House confirmed the compromise and stated that it was “aware of the cyber security incident at Smarsh,” but it would not elaborate. While the Secret Service acknowledged that a “small subset of Secret Service employees” had used TeleMessage and stated that it was investigating the compromise, the State Department remained silent. FEMA did not respond to internal messages that were provided to it, although it did say that it had “no evidence” of compromised material. US Customs and Border Protection reaffirmed that it had opened an inquiry and disabled the platform.