
Security breach impacts over 60 officials, including disaster responders and diplomatic staff
A hacker who breached the communications service used by former Trump national security adviser Mike Waltz earlier this month intercepted messages from a broader swathe of American officials than has previously been reported, according to a Reuters review, potentially raising the stakes of a breach that has already drawn questions about data security in the Trump administration.
Reuters identified more than 60 unique government users of the messaging platform TeleMessage in a cache of leaked data provided by Distributed Denial of Secrets, a U.S. nonprofit whose stated mission is to archive hacked and leaked documents in the public interest.
The trove included material from disaster responders, customs officials, several U.S. diplomatic staffers, at least one White House staffer and members of the Secret Service. The messages reviewed by Reuters covered a roughly day-long period of time ending on May 4, and many of them were fragmentary.
Platform gained attention following April cabinet meeting photograph
Once little known outside government and finance circles, TeleMessage drew media attention after an April 30 Reuters photograph showed Waltz checking TeleMessage’s version of the privacy-focused app Signal during a cabinet meeting.
While Reuters could not verify the entire contents of the TeleMessage trove, in more than half a dozen cases the news agency was able to establish that the phone numbers in the leaked data were correctly attributed to their owners. One of the intercepted texts’ recipients – an applicant for aid from the Federal Emergency Management Agency – confirmed to Reuters that the leaked message was authentic; a financial services firm whose messages were similarly intercepted also confirmed their authenticity.
Limited review finds travel logistics but no clearly sensitive material
Based on its limited review, Reuters uncovered nothing that seemed clearly sensitive and did not uncover chats by Waltz or other cabinet officials. Some chats did seem to bear on the travel plans of senior government officials. One Signal group, “POTUS | ROME-VATICAN | PRESS GC,” appeared to pertain to the logistics of an event at the Vatican. Another appeared to discuss U.S. officials’ trip to Jordan.
The service – which takes versions of popular apps and allows their messages to be archived in line with government rules – has been suspended since May 5, when it went offline “out of an abundance of caution.” TeleMessage’s owner, the Portland, Oregon-based digital communications firm Smarsh, did not respond to requests for comments about the leaked data.
Counterintelligence risks despite absence of highly sensitive content
Jake Williams, a former National Security Agency cyber specialist, said that, even if the intercepted text messages were innocuous, the wealth of metadata – the who and when of the leaked conversations and chat groups – posed a counterintelligence risk.
“Even if you don’t have the content, that is a top-tier intelligence access,” said Williams, now vice president of research and development at cybersecurity firm Hunter Strategy.
The circumstances surrounding Waltz’s use of TeleMessage haven’t been publicly disclosed and neither he nor the White House has responded to questions about the matter.



