TeleMessage, an Israeli software company that sells a modified version of the encrypted messaging app Signal to the U.S. government, has temporarily suspended its services following reports of a significant security breach.
According to a report from tech news siteย 404Media, the app was reportedly compromised, raising concerns about the security of unofficial tools used for classified government communication. TeleMessage allows users to archive messages, including voice notes, from end-to-end encrypted messaging apps like Telegram, WhatsApp, and Signal.
Smarsh, the parent company of TeleMessage, announced that it is suspending all its services “out of an abundance of caution”, as it investigates what it called “a potential security incident.”
“TeleMessage is investigating a potential security incident. Upon detection, we acted quickly to contain it and engaged an external cybersecurity firm to support our investigation,” a company spokesperson said in a statement.
App Behind โSignalgateโ Scandal Compromised
TeleMessage gained notoriety during the recent โSignalgateโ scandal, in which National Security Adviser Mike Waltz accidentally added a journalist, Jeffrey Goldberg, to a Signal group chat discussing sensitive U.S. military operations in Yemen in March.
The chat also included high-profile officials such as Vice President JD Vance and Defense Secretary Pete Hegseth.
The leak exposed detailed operational plans, including specific timelines and targets, prompting bipartisan criticism and calls for investigations regarding the use of unofficial messaging apps for sensitive government discussions.
Despite U.S. President Donald Trumpโs disapproval of using the app following the โSignalgateโ scandal, Waltz was recently photographed using TeleMessage’s unofficial Signal clone, TM SGNL, during Wednesdayโs cabinet meeting indicating that he was communicating with Vance, Secretary of State Marco Rubio, Director of National Intelligence Tulsi Gabbard and special envoy Steve Witkoff.
Hackers Reportedly Accessed Backend Infrastructure
The breach reportedly allowed a hacker to access TeleMessage’s backend infrastructure, intercepting user messages and providing stolen data to tech news site 404 Media, which claimed to have independently verified some of the material.
The hacked data allegedly includes some content of messages, contact details of government officials, and back-end login credentials for TeleMessage. However, messages of cabinet members, Waltz, and the person he spoke to were not compromised. Also, no messages from Trump administration officials were exposed in the breach.
Further, sensitive data from agencies and companies such as the U.S. Customs and Border Protection, crypto exchange Coinbase, and financial service providers like Scotiabank were extracted by the hacker.
?”I would say the whole process took about 15-20 minutes. It wasn’t much effort at all. If I could have found this in less than 30 minutes then anybody else could too. And who knows how long it’s been vulnerable?” the hacker told 404 Media.
Precautionary Measures
In response to the breach, Smarshโthe company behind TeleMessageโhas shut down its website and temporarily suspended its archiving services. It has promised transparency as investigations move forward.
Meanwhile, a Coinbase spokesperson said that the company is โclosely following these reports and assessing their impact on Coinbase.ย At this time, there is no evidence any sensitive Coinbase customer information was accessed or that any customer accounts are at risk, since Coinbase does not use this tool to share passwords, seed phrases, or other data needed to access accounts.โ
