Do Son 
The scandal surrounding the data breach at TeleMessage continues to escalate. Recently revealed details indicate that malicious actors gained access to an archive of communications involving more than 60 U.S. government officials, including individuals from the White House, the Secret Service, diplomatic missions, customs, and emergency response agencies.
All intercepted messages were published on the Distributed Denial of Secrets platform—a project dedicated to archiving leaks deemed to serve the public interest.
The exposed communications span a fragmentary period of approximately one day, concluding on May 4. Among the intercepted content are messages related to the logistics of U.S. officials’ visits to the Vatican and Jordan, as well as internal communications from the Federal Emergency Management Agency (FEMA).
Several recipients have confirmed the authenticity of the leaked messages, including a FEMA representative and a financial firm. The phone numbers of more than half a dozen officials were verified as accurate.
TeleMessage came under intense scrutiny after a Reuters photojournalist captured former national security adviser Mike Waltz using the application during a cabinet meeting on April 30. The incident sparked renewed concern over digital security practices within the Trump administration. Waltz had previously been embroiled in controversy after adding a journalist to a Signal group where U.S. military strikes in Yemen were being discussed—a scandal that contributed to his resignation. Nevertheless, he was later nominated by Trump to serve as U.S. Ambassador to the United Nations.
TeleMessage is a modified version of mainstream messaging platforms, tailored for government use with message archiving features to comply with federal regulations. The service was officially disabled on May 5 “as a precautionary measure.” Its owner, Portland-based Smarsh, has declined to comment on the breach.
The Secret Service stated that the platform was used by only a limited subset of personnel and confirmed that an internal investigation is underway. FEMA reported no evidence of data compromise, while officials from Customs and Border Protection and the State Department refused to issue statements.
An analysis of federal contracts revealed that the Department of Homeland Security and the Centers for Disease Control and Prevention (CDC) also utilized TeleMessage. The CDC acknowledged piloting the platform in 2024 before ultimately discontinuing its use. One week after the breach, the Cybersecurity and Infrastructure Security Agency (CISA) recommended that all users cease using TeleMessage pending formal guidance from Smarsh.
Although the leaked messages themselves did not contain overtly sensitive content, former NSA analyst Jake Williams emphasized that the metadata—who communicated with whom and when—constitutes a valuable intelligence asset and could be leveraged for counterintelligence purposes.
Donate