Telemessage Hack: US Government Officials' Messaging App Breached

TeleMessage Data Breach Exposes Government and Corporate Communications

A security flaw within TeleMessage, a service offering altered versions of secure messaging applications like Signal, Telegram, and WhatsApp, has been exploited. This resulted in the unauthorized extraction of archived messages and related data, as reported by 404 Media.

Compromised Data and Affected Parties

The compromised information pertains to U.S. government personnel and various companies utilizing the TeleMessage platform. While messages from former national security advisor Mike Waltz and cabinet members weren't directly accessed, the stolen data included message content, contact details of officials, and TeleMessage login credentials.

Specifically, data linked to U.S. Customs and Border Protection, the cryptocurrency exchange Coinbase, and financial institutions such as Scotiabank was reportedly extracted by the perpetrator.

Lack of End-to-End Encryption

Investigations revealed a critical security oversight: the archived chat logs are not protected by end-to-end encryption. This means data transmitted between the modified Signal app provided by TeleMessage and its storage location was vulnerable to interception.

Smarsh's Response and Investigation

Smarsh, the parent company of TeleMessage, has acknowledged the incident and initiated a thorough investigation. They have temporarily suspended all TeleMessage services as a precautionary measure.

According to a statement provided to TechCrunch, Smarsh acted swiftly upon detecting the potential breach, engaging an external cybersecurity firm to assist in the investigation. All other Smarsh services remain operational.

Coinbase's Statement

A Coinbase spokesperson indicated the company is actively monitoring the situation and evaluating any potential impact. Currently, there is no indication that sensitive customer data was compromised, as Coinbase does not utilize TeleMessage for sharing critical account access information like passwords or seed phrases.

Requests for Comment

Requests for comment from Signal, U.S. Customs and Border Protection, and Scotiabank have not yet been answered.

Key Takeaways

• TeleMessage, providing modified messaging apps, suffered a data breach.
• Data relating to U.S. government officials and companies was compromised.
• The breach highlighted a lack of end-to-end encryption for archived messages.
• Smarsh has suspended TeleMessage services and launched an investigation.

This article has been updated to incorporate statements from Smarsh and Coinbase.