TeleMessage Signal Clone Breached, Exposing US Government-Linked Data
May 5, 2025 — A hacker has reportedly infiltrated TeleMessage, a company offering modified versions of popular encrypted messaging apps like Signal, Telegram, and WhatsApp, stealing archived message data tied to U.S. government officials and major corporations, according to 404 Media.
TeleMessage, an Israel-based firm owned by Smarsh, enables enterprises to archive messages—including voice notes—from encrypted platforms. The company recently made headlines after former U.S. National Security Adviser Mike Waltz was revealed to be using a customized version of Signal provided by TeleMessage.
While messages from Waltz and U.S. cabinet members were reportedly not compromised, the hacker did manage to extract chat contents, contact details of officials, internal login credentials, and more. Victims named in the breach include U.S. Customs and Border Protection, Coinbase, and Scotiabank, among others.
One of the most alarming revelations was that the archived chats between TeleMessage’s modded Signal client and the company’s backend servers were not end-to-end encrypted, undermining the original security model of Signal and similar apps.
Requests for comment sent to Smarsh, Signal, Coinbase, Scotiabank, and CBP have not yet received responses.
This breach raises serious concerns about the risks of using altered versions of encrypted apps, especially in sensitive government and financial sectors. Experts warn that while such modifications may offer convenience and archiving features, they often come at the cost of true privacy and security.
