According to reports, a hacker has exploited a vulnerability in TeleMessage, a software provider that offers modified versions of encrypted messaging applications including Signal, Telegram, and WhatsApp, and gained access to sensitive archived communications of U.S. government officials and several high-profile companies.
TeleMessage, an Israel-based firm owned by Smarsh, drew attention recently after revelations that former U.S. National Security Adviser Mike Waltz was using its customized version of the Signal messaging platform. TeleMessage markets itself primarily as a solution for archiving encrypted conversations and voice messages from popular communication apps, catering to institutional clients seeking secure recordkeeping capabilities.
While the messages of senior cabinet members, including Waltz, reportedly remained uncompromised, the attack enabled the hacker to retrieve significant amounts of data. Among the stolen materials are detailed message records, contact details for high-ranking government officials, TeleMessage backend login credentials, and sensitive information linked to various organizations. Prominent entities affected include U.S. Customs and Border Protection, cryptocurrency exchange Coinbase, and financial services provider Scotiabank.
Critically, analysis of the breach has found that TeleMessage’s method for archiving chat logs lacks end-to-end encryption between the modified client apps and their final storage locations, a gap that leaves the archived messages open to exploitation.
Smarsh, Signal, U.S. Customs and Border Protection, Coinbase, and Scotiabank did not immediately respond to requests for comment.