The messaging application used by a prominent Trump administration official has suspended its services following reports of data theft by hackers. Smarsh, the parent company of TeleMessage, has initiated an investigation into the incident.
According to a statement provided to WIRED by a Smarsh spokesperson, TeleMessage is examining a potential security breach. Immediate actions were taken to contain the issue, and an external cybersecurity firm has been engaged for further investigation. As a precautionary measure, all TeleMessage services have been temporarily suspended, though all other Smarsh products and services remain active.
Last week, a Reuters photographer captured former national security adviser Mike Waltz using an unauthorized version of the secure communication app Signal—known as TeleMessage Signal or TM Signal—which features an archiving function. Images suggest Waltz was communicating with senior officials, including Vice President JD Vance, US Director of National Intelligence Tulsi Gabbard, and US Secretary of State Marco Rubio.
Experts indicated that the archiving feature of TM Signal inherently compromises the end-to-end encryption that ensures the security and privacy of the original Signal app. Reports from 404 Media and journalist Micah Lee confirmed that the app had been breached by a hacker. NBC News also reported evidence of an additional breach.
Founded in Israel in 1999 and acquired last year by US-based Smarsh, TeleMessage creates unauthorized versions of popular apps with archiving for compliance purposes. However, the company claims these versions maintain the same digital defenses, potentially misleading users about their security.
Waltz’s use of the app faced scrutiny after he reportedly added The Atlantic’s editor in chief to a group chat where Trump administration officials were discussing a military operation. The ensuing scandal, dubbed “SignalGate,” preceded Waltz’s removal as national security adviser. President Trump announced plans to nominate Waltz as ambassador to the United Nations.
TeleMessage apps lack approval under the US government’s Federal Risk and Authorization Management Program (FedRAMP), yet their use appears to be growing. Leaked data supposedly from TM Signal suggests usage by multiple US Customs and Border Protection agents. The agency stated to WIRED that it is investigating the breach and the reported use of TM Signal.
Following reports by Lee and 404 Media, TeleMessage removed its website content and halted its archiving service over the weekend.
The Smarsh statement emphasized commitment to transparency, promising updates when available and expressing gratitude to customers and partners for their patience. Concerns have arisen among experts regarding potential risks to US national security due to Waltz’s apparent use of TM Signal.
