A Hacker Stole Dozens of US Gov Agencies

A hacker attack targeting TeleMessage — a secure messaging platform used by former Trump national security adviser Mike Waltz — has compromised communications from a far wider range of U.S. government officials than previously disclosed, according to a Reuters investigation. The breach underscores fresh concerns about secure communications management across federal agencies.

The leaked cache, shared by nonprofit whistleblower group Distributed Denial of Secrets, revealed messages from over 60 identified government users, including disaster response personnel, U.S. diplomatic staff, Customs and Border Protection (CBP) officers, members of the Secret Service, and at least one White House employee. The intercepted data covered a roughly 24-hour window ending on May 4.

TeleMessage — a privacy-focused communications service originally used within government and finance sectors — first drew public attention when a Reuters photograph captured Waltz using the app during a cabinet meeting on April 30. While Reuters was unable to independently verify the entire trove, several phone numbers were confirmed, and multiple intercepted conversations were authenticated by their recipients.

Although no highly classified material appears to have been leaked, some intercepted discussions involved logistical details of senior officials’ travel plans, including a White House trip to the Vatican and U.S. government visits to Jordan. That kind of operational detail, even absent sensitive content, is viewed by cybersecurity specialists as a significant counterintelligence risk due to the metadata it reveals — essentially, who’s talking to whom and when.

TeleMessage Suspends Services “Out of Caution”

“Even if you don’t have the content, that is a top-tier intelligence access,” warned Jake Williams, former NSA cyber specialist and current VP of R&D at Hunter Strategy.

The breach prompted TeleMessage to suspend its services on May 5 “out of an abundance of caution.” The platform, operated by Portland-based Smarsh, integrates with popular messaging apps to enable government-mandated message archiving. Neither Smarsh nor the White House offered substantive comments on the incident.

Federal contract records show that agencies like the State Department, Department of Homeland Security (DHS), and the Centers for Disease Control and Prevention (CDC) had engaged with TeleMessage in recent years. Following the breach, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged federal users to immediately discontinue use of the app unless specific mitigations were provided.

Background Drama

This isn’t Waltz’s first messaging-related controversy. In an earlier incident, he accidentally added a prominent journalist to a Signal chat where Trump administration officials were reportedly discussing military operations in Yemen. The leak triggered a scandal, leading to Waltz’s removal from his post, though he remained in the administration and was nominated by Trump as the next U.S. ambassador to the United Nations.

The incident highlights persistent challenges federal agencies face in balancing operational flexibility with secure digital communications — especially in an era where third-party messaging apps increasingly integrate with government workflows. Even when message content seems innocuous, metadata remains a critical vulnerability. As the breach illustrates, intelligence value often lies as much in connection patterns and timing as in message content itself.

Quick Fact

Distributed Denial of Secrets, the nonprofit that shared the TeleMessage leak, has previously published high-profile troves including BlueLeaks, a massive collection of U.S. law enforcement documents, and Russian government emails.