The TeleMessage App Used by Trump Officials Has Been Hacked

A hacker has breached TeleMessage, a messaging platform used by US government officials to archive encrypted chats — compromising sensitive data and prompting the service to suspend operations. The platform, developed by an Israeli company and owned by Oregon-based Smarsh, drew scrutiny after a photo surfaced showing the former National Security Advisor Mike Waltz using the app during a Cabinet meeting with President Trump.

The breach, first reported by 404 Media, affected modified versions of Signal, Telegram, WhatsApp, and WeChat offered by TeleMessage. While high-ranking officials like Waltz, JD Vance, and Marco Rubio were not directly compromised, the hacker accessed archived content and login credentials linked to users at Customs and Border Protection, Coinbase, and Scotiabank. “The hacker has not obtained the messages of cabinet members, Waltz, and people he spoke to,” 404 Media noted, but the exposure of backend systems raises serious concerns about the platform’s structural integrity.

The Guardian noted that concerns “were further heightened when it was reported... that a hacker had broken into TeleMessage’s back-end infrastructure and intercepted some of its users’ messages” — highlighting how message-archiving features can undermine the perceived security of encrypted apps.

The situation highlights a recurring pattern in Trump-era tech policy, where rushed implementations of digital tools often clash with privacy best practices. Earlier this year, we reported how Trump postponed a long-threatened TikTok ban, citing vague national security reforms — reflecting the administration’s inconsistent tech governance. This breach also echoes the growing threat of imitation apps, as last year, over 60,000 Android users were infected by spyware through fake Telegram apps.

TeleMessage had been marketed as a compliance-focused platform for archiving encrypted messages, particularly in public sector settings. But Signal’s official stance was clear: “We cannot guarantee the privacy or security properties of unofficial versions of Signal,” a spokesperson told NBC News.

Trump himself, after the infamous “Signalgate” incident, said, “I think we learned: Maybe don’t use Signal, okay?” Still, the tools persisted in the administration’s communication ecosystem, culminating in this security failure.

While Smarsh says its other products remain unaffected, the hack has reignited debate over whether modified encrypted platforms can ever fully reconcile security and compliance — especially in high-stakes government environments.