A major security scare has erupted in Washington after reports emerged that a Trump associate was using an unofficial version of the secure messaging platform Signal-an application that was subsequently targeted in a data breach, according to a Sunday report from tech outlet 404 Media.
According to the Reuters report, the report centers on former National Security Adviser Mike Waltz, a key figure in Donald Trump’s administration, who was spotted using an app called TeleMessage during a cabinet meeting last week.
TeleMessage is an application that closely mimics the interface and functionality of Signal, the industry-leading encrypted messenger widely used by government officials for its robust privacy features.
.png
)
404 Media broke the news after a hacker, who chose to remain anonymous, claimed to have accessed the backend infrastructure of TeleMessage, thereby intercepting messages from some users.
The hacker provided evidence to 404 Media, part of which was independently verified.
The disclosure has heightened national security concerns-especially given Waltz’s role at the highest levels of government and his recent ouster.
Waltz was removed from his post Thursday, only days after a controversy erupted over his creation of an unofficial Signal group chat used to share real-time updates about U.S. military operations in Yemen.
The chat group attracted scrutiny last month when, either by accident or by someone using Waltz’s account, a well-known journalist was added to the confidential discussion.
TeleMessage, now being rebranded by parent company Smarsh as Capture Mobile, offers a key difference from standard Signal.
While Signal boasts end-to-end encryption intended to thwart eavesdropping, TeleMessage is designed to capture messages once they’re decrypted-allowing organizations to archive communications and comply with government record-keeping laws.
However, experts warn that such after-delivery capture introduces new vulnerabilities if not implemented carefully.
In the fallout from the breach, 404 Media clarified that there was no evidence that messages from Waltz or other Trump cabinet members were intercepted.
Nonetheless, the breach has triggered alarm about the security of tools used at the highest echelons of U.S. power.
Attempts to seek comment from TeleMessage’s parent company, Smarsh, as well as Waltz and the White House, were not immediately successful.
A Signal spokesperson, responding to the incident, emphasized, “We cannot guarantee the privacy or security properties of unofficial versions of Signal.”
As federal agencies and officials increasingly rely on encrypted communications, this latest incident serves as a stark reminder of the risks posed by unofficial apps and the relentless interest of hackers in sensitive government communications.
Setting Up SOC Team? – Download Free Ultimate SIEM Pricing Guide (PDF) For Your SOC Team -> Free Download
