Mike Waltz and Signal leaks — name a more iconic duo.
Just weeks after accidentally inviting a journalist into a Signal group chat about a classified military op in Yemen, the (now former) National Security Advisor is caught in yet another encrypted messaging meltdown.
According to a report from 404 Media, a hacker accessed a government-used Signal clone developed by TeleMessage, an Israeli company that sells modified versions of encrypted messaging apps like Signal to government agencies. These versions are designed to retain message archives to comply with federal regulations on document retention.
The hacker claimed to have exploited a vulnerability in the app and reportedly gained access within about 30 minutes. While messages from cabinet members and Waltz were not directly compromised, the breached data included message content, contact information of government personnel, backend login credentials, and additional sensitive material, according to 404 Media.
Waltz’s use of Telemessage was reported by 404 Media on April 30 after Reuters photographed him using the app during a cabinet meeting. He was dismissed the following day. While reports indicate that the hack was not the sole reason for his departure, the combination of Signalgate and the Reuters photograph cast the security advisor in a bad light.
Crucially, the hacking incident suggests the archived chat logs are not end-to-end encrypted, raising serious concerns about the security architecture of the government’s communication tools. The use of an unofficial, modded version of Signal already represented a significant risk, one that now appears to have been realized.
A Signal spokesperson, speaking to 404 Media and other outlets, emphasized that the company “cannot guarantee the privacy or security properties of unofficial versions of Signal.”
