A cloned Signal app, used by former National Security Advisor Mike Waltz and other officials, has been hacked, exposing sensitive data [1, 2, 3, 4]. The compromised app, developed by TeleMessage, suffered a breach that raises concerns about the security of apps used by top US officials [1, 2, 3].
The hacker accessed data related to Customs and Border Protection (CBP), Coinbase, and other financial institutions [2, 3, 8, 11]. The stolen information included names, contact details of government officials, and login credentials [2]. The breach occurred in May 2025, with investigations ongoing [1, 4, 5].
TeleMessage has temporarily suspended all services and engaged a cybersecurity firm to investigate the incident [1, 4]. The hacker reportedly gained access to chat logs that were stored without proper encryption [1, 5, 7]. This incident highlights vulnerabilities in modified messaging apps and raises questions about the vetting processes for third-party communication tools used by government agencies [5].