Image by Matthey Henry, from Freerange Stock
Government Officials Chats Exposed After App Breach
Reading time: 2 min
Last Updated: May 6, 2025
-
![Kiara Fabbri]()
-
![Sarah Frazier]()
Fact-Checked by Sarah Frazier Content Manager
A hacker breached a Signal-like app used by U.S. officials, exposing sensitive chats and highlighting the risks of tampering with encryption.
In a rush? Here are the quick facts:
- U.S. officials’ data—including CBP—was exposed.
- Messages weren’t end-to-end encrypted when archived.
- Hacker said breach took only 15–20 minutes.
A hacker has breached TeleMessage, an Israeli company that modifies encrypted apps like Signal and WhatsApp for government use, as first reported by 404 Media. The stolen information consists of parts of private chats, along with group messages, and user details, raising serious concerns about the security of government communications.
The company TeleMessage provides customized secure messaging apps to agencies which enable them to store conversations for legal purposes. But this added feature opened a dangerous backdoor. The hacker told 404 Media the breach was alarmingly easy: “I would say the whole process took about 15–20 minutes […] It wasn’t much effort at all.”
Although no cabinet-level messages were accessed, the hacker got snapshots of messages from officials including those tied to Customs and Border Protection (CBP), Coinbase, and the crypto firm Galaxy Digital. One message discussed lobbying efforts around a key cryptocurrency bill: “Just spoke to a D staffer […] they think the bill still has a good chance of passage.”
404 Media notes that the application gained recent attention after National Security Advisor Mike Waltz was spotted using TeleMessage during a cabinet meeting with former President Trump. This raised concerns about whether classified information was being discussed on a compromised tool.
TeleMessage stated that its applications maintain Signal encryption standards, yet security professionals dispute this claim, as reported by 404 Media. Adding an archiving system creates a weak point where private messages can be intercepted. “We cannot guarantee the privacy or security properties of unofficial versions of Signal,” a Signal spokesperson said, as reported by 404 Meida.
The hacker, who acted out of curiosity, chose not to alert TeleMessage directly: “If I could have found this in less than 30 minutes, then anybody else could too,” reported 404 Media.
This incident turns a long-feared theoretical vulnerability into a very real one, and puts the security of sensitive government communications under fresh scrutiny.
Latest articles 
Leave a Comment
Cancel