ARTICLE AD BOX
A hacker got access to the data of more than 60 government officials after breaching a communications service used by former national security adviser Mike Waltz and others, according to a review by Reuters.
The news agency found that dozens of officials were using the messaging platform TeleMessage after reviewing leaked data provided by Distributed Denial of Secrets. The nonprofit's mission is to archive hacked and leaked documents in the public interest.
The documents included material from customs officials, disaster responders, a number of U.S. diplomatic staffers, and at least one White House official, as well as members of the Secret Service. The messages seen by Reuters were from a period lasting about a day ending on May 4.
TeleMessage takes versions of popular apps and makes it possible to archive the messages on the app in adherence with government regulations. The app has been suspended since May 5 “out of an abundance of caution.”
TeleMessage was previously mostly unknown outside government and finance; however, the service garnered media scrutiny following the publishing of a Reuters photo on April 30 showing Waltz checking the app during a cabinet meeting.
Reuters didn’t find anything deemed sensitive during its review and didn’t locate chats that included Waltz or other cabinet officials. However, some chats appeared to include the travel plans of top government officials.
The White House told the news agency in a statement that it was aware of a “cybersecurity incident” at the owner of TeleMessage, the Portland, Oregon-based digital communications company Smarsh. FEMA told Reuters it had “no evidence” that information about the agency had been compromised, even as internal FEMA messages were part of the trove of documents reviewed by the news agency. A Customs and Border Protection spokesperson said it had disabled TeleMessage and was looking into the breach.
The Departments of State and Homeland Security, as well as the Centers for Disease Control and Prevention, have had contracts with TeleMessage in the last few years, according to federal contracting data.
A spokesperson for the CDC told the news agency on Monday that it tried out the software last year to review its records management system, "but found it did not fit our needs."
The Cybersecurity and Infrastructure Security Agency recommended a week after the hack that users “discontinue” the use of TeleMessage.
Former National Security Agency cyber specialist Jake Williams told Reuters that the vast amount of metadata revealing who was speaking to whom and when could be a counterintelligence threat, even if messages didn’t include sensitive information.
"Even if you don't have the content, that is a top-tier intelligence access," he told the news agency.
Waltz’s use of Signal garnered widespread media attention earlier this year after he accidentally included the editor in chief of The Atlantic in a Signal chat where he and other Cabinet-level officials discussed airstrikes against Yemen.
Some time later, Waltz was removed from the role as national security adviser and nominated to serve as the U.S. ambassador to the United Nations.
English (US) ·