A security breach has emerged in the ongoing U.S. government Signal chat scandal, as a cloned version of the Signal app used by Trump administration officials was reportedly hacked in less than 30 minutes, raising further concerns about the handling of sensitive military information.
TeleMessage Security Breach
An anonymous hacker gained access to TeleMessage, an Israeli firm that sells modified versions of Signal and other messaging apps to U.S. government agencies, in just 15-20 minutes by exploiting an easily discovered vulnerability. The breach exposed archived communications from various entities including Customs and Border Protection, Coinbase, and other financial institutions, revealing usernames, passwords, backend access panels, and snippets of chat content. While no messages from former National Security Adviser Mike Waltz or other Trump cabinet officials were reportedly compromised, the incident revealed a critical security flaw: despite TeleMessage's claims of maintaining Signal's end-to-end encryption, archived chat logs were not properly secured once transmitted to storage servers.
The hack exposed serious vulnerabilities in TeleMessage's implementation, which works by adding a third party to conversations to capture and archive messages. The company's server, hosted on Amazon AWS infrastructure in Northern Virginia, stored unencrypted messages that were intercepted during transmission. This security breach has intensified scrutiny over the use of unofficial messaging apps for sensitive government communications, especially following the "Signalgate" scandal where Waltz accidentally added a journalist to a Signal group discussing military operations in Yemen. Signal has officially distanced itself from TeleMessage, stating it "cannot guarantee the privacy or security properties of unofficial versions of Signal".
Pentagon Signal Warning Memo
Just days after the high-profile Signal chat leak involving Yemen airstrikes, the Pentagon issued a department-wide warning about the messaging app on March 18, 2025. The memo, obtained by NPR, stated that "a vulnerability has been identified in the Signal messenger application" and warned that "Russian professional hacking groups are employing the 'linked devices' features to spy on encrypted conversations." The timing was particularly notable, coming shortly after Defense Secretary Pete Hegseth and other national security officials had inadvertently included The Atlantic's editor-in-chief Jeffrey Goldberg in sensitive military discussions.
Signal spokesperson Jun Harada clarified that the Pentagon memo wasn't about the app's security but rather about phishing threats, stating, "Once we learned that Signal users were being targeted and how they were being targeted, we introduced additional safeguards and in-app warnings to help protect people from falling victim to phishing attacks. This work was completed months ago." The Pentagon memo explicitly noted that while Signal was permitted for "unclassified accountability/recall exercises," it was "not approved to process or store non-public unclassified information" – a policy that had apparently been in place since at least 2023, well before the controversial leak that would become known as "Signalgate."
Hegseth's Second Chat Group
Defense Secretary Pete Hegseth shared sensitive details about a March 15, 2025 airstrike against Houthi targets in Yemen in a second Signal group chat that included his wife Jennifer (a former Fox News producer), his brother Phil, and his personal attorney Tim Parlatore.This "Defense | Team Huddle" chat, which included approximately 13 people, contained the same operational information Hegseth had shared in the first Signal chat that accidentally included The Atlantic's editor-in-chief Jeffrey Goldberg. The shared details included specific flight schedules for F/A-18 Hornets and other sensitive operational information that multiple officials have indicated would typically be classified.
The revelation intensified scrutiny of Hegseth's handling of sensitive military information, with Senate Armed Services Committee member Jack Reed expressing "grave concerns about Secretary Hegseth's ability to maintain the trust and confidence of U.S. servicemembers." While Hegseth dismissed the accusations as a "hoax" blamed on "disgruntled former employees," the Pentagon's acting inspector general launched a formal investigation into the use of commercial messaging apps for official business and compliance with classification requirements. The controversy, dubbed "SignalGate," has sparked bipartisan concern, with Republican Representative Don Bacon calling the situation "totally unacceptable" even as President Trump defended Hegseth
U.S. and Iranian officials said they had agreed on a framework to end their war, halt the U.S. blockade of Iran and reopen the Strait of Hormuz, a pre...
British Prime Minister Keir Starmer said on Monday he would ban social media sites for under-16s and impose restrictions on gaming and livestreaming p...
Monday 15th June, marks the fifth anniversary of the signing of the Shusha Declaration, a landmark agreement that formally elevated relations between ...
The stepson of Norway's Crown Prince Haakon has been found guilty of two counts of rape as well as domestic violence and other crimes and is sentenced...
U.S. and Iranian officials said on Sunday they have agreed on a deal to end their war, halt the U.S. blockade of Iran and reopen the Strait of Hormuz,...
France’s postal and banking services were disrupted on Thursday morning after a cyberattack temporarily rendered their websites and mobile applications largely inaccessible, French radio RFI reported.
Brazilian authorities have arrested a suspect linked to a cyberattack that diverted more than 540 million reais (about $100 million) from the country’s banking network.
Two days before Poland’s presidential election, Prime Minister Donald Tusk announced that Russian hackers launched attacks on the websites of parties in his ruling coalition.
A website affiliated with GlobalX, the airline central to President Donald Trump’s offshore deportation campaign, was defaced by hackers on Monday, displaying a message from a group claiming to act under the name “Anonymous.”
Details of a reported draft memorandum of understanding between the United States and Iran offer the clearest picture yet of how both sides plan to end months of conflict and move towards a longer-term settlement.
Pakistan has warned that any attempt by India to block or significantly reduce river flows under the Indus Waters Treaty could have “far-reaching consequences”, after India's water minister said New Delhi was working to ensure that “not a single drop” of water reaches Pakistan in the coming years.
Armenia has every right to choose Europe. But Europe’s support for Armenia’s direction should not become automatic approval of its political process.
The U.S. and Iran say they have reached a deal to end their conflict, with an immediate ceasefire and reopening of the Strait of Hormuz after the lifting of the U.S. naval blockade. Talks will continue over the next 60 days to finalise the agreement
U.S. President Donald Trump has said a peace agreement with Iran is scheduled to be signed on Sunday in a post on social media, despite Tehran's Foreign Ministry spokesperson Esmaeil Baghaei saying no deal would be approved this weekend.
British Prime Minister Keir Starmer said on Monday he would ban social media sites for under-16s and impose restrictions on gaming and livestreaming platforms, in some of the world's most far-reaching online restrictions to date.
The stepson of Norway's Crown Prince Haakon has been found guilty of two counts of rape as well as domestic violence and other crimes and is sentenced to four years in prison, an Oslo court ruled on Monday.
Start your day informed with the AnewZ Morning Brief. Here are the top stories for 15 June, covering the latest developments you need to know.
Leaders of the Group of Seven wealthy nations will meet at a French lakeside resort on Monday against a backdrop of preliminary deal to end U.S. and Iran war reached by both sides.
Four people were killed while the Kyiv Pechersk Lavra monastery, a symbol of Ukrainian spiritual and cultural history, caught fire, in the heaviest Russian air attack on the Ukrainian capital in two weeks, authorities said on Monday.
You can download the AnewZ application from Play Store and the App Store.
What is your opinion on this topic?
Leave the first comment