A security breach has emerged in the ongoing U.S. government Signal chat scandal, as a cloned version of the Signal app used by Trump administration officials was reportedly hacked in less than 30 minutes, raising further concerns about the handling of sensitive military information.
TeleMessage Security Breach
An anonymous hacker gained access to TeleMessage, an Israeli firm that sells modified versions of Signal and other messaging apps to U.S. government agencies, in just 15-20 minutes by exploiting an easily discovered vulnerability. The breach exposed archived communications from various entities including Customs and Border Protection, Coinbase, and other financial institutions, revealing usernames, passwords, backend access panels, and snippets of chat content. While no messages from former National Security Adviser Mike Waltz or other Trump cabinet officials were reportedly compromised, the incident revealed a critical security flaw: despite TeleMessage's claims of maintaining Signal's end-to-end encryption, archived chat logs were not properly secured once transmitted to storage servers.
The hack exposed serious vulnerabilities in TeleMessage's implementation, which works by adding a third party to conversations to capture and archive messages. The company's server, hosted on Amazon AWS infrastructure in Northern Virginia, stored unencrypted messages that were intercepted during transmission. This security breach has intensified scrutiny over the use of unofficial messaging apps for sensitive government communications, especially following the "Signalgate" scandal where Waltz accidentally added a journalist to a Signal group discussing military operations in Yemen. Signal has officially distanced itself from TeleMessage, stating it "cannot guarantee the privacy or security properties of unofficial versions of Signal".
Pentagon Signal Warning Memo
Just days after the high-profile Signal chat leak involving Yemen airstrikes, the Pentagon issued a department-wide warning about the messaging app on March 18, 2025. The memo, obtained by NPR, stated that "a vulnerability has been identified in the Signal messenger application" and warned that "Russian professional hacking groups are employing the 'linked devices' features to spy on encrypted conversations." The timing was particularly notable, coming shortly after Defense Secretary Pete Hegseth and other national security officials had inadvertently included The Atlantic's editor-in-chief Jeffrey Goldberg in sensitive military discussions.
Signal spokesperson Jun Harada clarified that the Pentagon memo wasn't about the app's security but rather about phishing threats, stating, "Once we learned that Signal users were being targeted and how they were being targeted, we introduced additional safeguards and in-app warnings to help protect people from falling victim to phishing attacks. This work was completed months ago." The Pentagon memo explicitly noted that while Signal was permitted for "unclassified accountability/recall exercises," it was "not approved to process or store non-public unclassified information" – a policy that had apparently been in place since at least 2023, well before the controversial leak that would become known as "Signalgate."
Hegseth's Second Chat Group
Defense Secretary Pete Hegseth shared sensitive details about a March 15, 2025 airstrike against Houthi targets in Yemen in a second Signal group chat that included his wife Jennifer (a former Fox News producer), his brother Phil, and his personal attorney Tim Parlatore.This "Defense | Team Huddle" chat, which included approximately 13 people, contained the same operational information Hegseth had shared in the first Signal chat that accidentally included The Atlantic's editor-in-chief Jeffrey Goldberg. The shared details included specific flight schedules for F/A-18 Hornets and other sensitive operational information that multiple officials have indicated would typically be classified.
The revelation intensified scrutiny of Hegseth's handling of sensitive military information, with Senate Armed Services Committee member Jack Reed expressing "grave concerns about Secretary Hegseth's ability to maintain the trust and confidence of U.S. servicemembers." While Hegseth dismissed the accusations as a "hoax" blamed on "disgruntled former employees," the Pentagon's acting inspector general launched a formal investigation into the use of commercial messaging apps for official business and compliance with classification requirements. The controversy, dubbed "SignalGate," has sparked bipartisan concern, with Republican Representative Don Bacon calling the situation "totally unacceptable" even as President Trump defended Hegseth
Britain’s government outlined plans on Tuesday (21 April) to reduce household energy bills by encouraging wind ...
Jars of baby food deliberately tampered with rat poison and discovered in Austria, the Czech Republic and Slovakia were part of an attempted extort...
The architect of the modern K-pop boom, Bang Si-hyuk, is facing arrest by South Korean police over claims he illegall...
The escalating conflict involving Iran, the U.S. and Israel is fuelling what could become the most severe energy crisis the world has ever faced, a...
China's domestic automakers have a message for the boardrooms of premium German brands such as Porsche, Mer...
France’s postal and banking services were disrupted on Thursday morning after a cyberattack temporarily rendered their websites and mobile applications largely inaccessible, French radio RFI reported.
Brazilian authorities have arrested a suspect linked to a cyberattack that diverted more than 540 million reais (about $100 million) from the country’s banking network.
Two days before Poland’s presidential election, Prime Minister Donald Tusk announced that Russian hackers launched attacks on the websites of parties in his ruling coalition.
A website affiliated with GlobalX, the airline central to President Donald Trump’s offshore deportation campaign, was defaced by hackers on Monday, displaying a message from a group claiming to act under the name “Anonymous.”
Iran accuses the United States of breaching a ceasefire after a commercial ship was seized in the Gulf of Oman, vowing retaliation, as Israel warns south Lebanon residents to avoid restricted areas.
Progessive Bulgaria, led by pro-Russian Eurosceptic Rumen Radev is on track to form Bulgaria’s next government, after official results showed a runaway victory for the coalition in the Balkan nation's parliamentary elections on Monday (20 April).
Pakistan is confident it can bring Iran to talks with the United States, a senior official said, citing “positive signals” from Tehran, as JD Vance is reportedly set to visit Islamabad on Tuesday for peace talks, according to Axios.
A powerful 7.5 magnitude earthquake has struck off Japan’s north-eastern coast, triggering urgent tsunami warnings with waves of up to 3 metres expected, prompting residents to seek immediate safety.
Blue Origin, the U.S. space company of billionaire Amazon founder Jeff Bezos, successfully reused and recovered a booster for its New Glenn rocket launched from Florida on Sunday (19 April), in the latest chapter of its intensifying rivalry with Elon Musk’s SpaceX.
Britain’s government outlined plans on Tuesday (21 April) to reduce household energy bills by encouraging wind and solar producers to adopt long-term fixed contracts.
The escalating conflict involving Iran, the U.S. and Israel is fuelling what could become the most severe energy crisis the world has ever faced, according to the head of the International Energy Agency (IEA).
A Canadian woman has been shot dead and 13 others injured in a shooting at the Teotihuacan pyramids on Monday, one of Mexico’s most visited tourist attractions.
Start your day informed with AnewZ Morning Brief. Here are the top news stories for the 21st of April, covering the latest developments you need to know
Japan on Tuesday unveiled its biggest overhaul of defence export rules in decades, scrapping restrictions on overseas arms sales and opening the way for exports of warships, missiles and other weapons.
You can download the AnewZ application from Play Store and the App Store.
What is your opinion on this topic?
Leave the first comment