Particle.news
Download on the App Store
12 ARTICLES
·
2w ago

Hacker Breaches TeleMessage, Exposing Security Flaws in U.S. Government Messaging

A vulnerability in the Signal-like app used for archiving government communications allowed access to sensitive data, sparking concerns over encryption and compliance practices.

Image
U.S. National Security Advisor Mike Waltz walks to board Marine One at the White House in Washington, D.C., U.S., April 3, 2025. REUTERS/Carlos Barria/File Photo
Image
Image

Overview

  • TeleMessage, a modified Signal app used by U.S. government officials, was hacked, exposing archived communications and backend credentials.
  • The hacker accessed data from users including U.S. Customs and Border Protection, Coinbase, and Scotiabank, but messages from top cabinet officials were not compromised.
  • The breach exploited the lack of end-to-end encryption in TeleMessage's archiving process, a critical security vulnerability.
  • TeleMessage, owned by Smarsh and rebranding as Capture Mobile, provides archive-enabled versions of encrypted messaging apps for compliance purposes.
  • The incident has reignited scrutiny over the use of unofficial messaging platforms in government and the risks of balancing record-keeping with operational security.