A recent cyber attack on the secure messaging platform, TeleMessage, used by multiple US government agencies has resulted in the leak of sensitive communications from dozens of government officials, according to an investigation by Reuters. The breach, which targeted the platform used by former US national security adviser Mike Waltz, has raised significant concerns about the security of government communications.
Initially, reports suggested the hack primarily affected Waltz, but further investigation revealed that the breach impacted more than 60 unique government users. These included disaster response personnel, customs officers, US diplomats, a White House official, and members of the Secret Service. The leaked data, which was obtained by the nonprofit group Distributed Denial of Secrets, spans a 24-hour period ending May 4, 2025, and includes a wide range of sensitive messages.
Among the leaked communications were conversations linked to the Federal Emergency Management Agency (FEMA), where an aid applicant confirmed the authenticity of one of the intercepted messages. A financial services firm also confirmed that its communications were compromised. Despite the fragmented nature of the data, it was clear that the breach had far-reaching consequences, with sensitive details about the travel plans of senior government officials also exposed.
One intercepted message, which appeared to reference the logistics of a presidential visit to the Vatican, has raised concerns about the exposure of highly confidential diplomatic and security-related information. Another message mentioned an official trip to Jordan, further highlighting the scope of the breach.
TeleMessage, which is used by various federal agencies to ensure compliance with data archiving rules, has been offline since May 5. Its parent company, Portland-based Smarsh, has not responded to multiple requests for comment regarding the hack. The platform is designed to provide secure communication services but has now been thrown into the spotlight due to its vulnerability.
The White House has acknowledged the breach but has provided minimal details, stating it is aware of the cybersecurity incident involving Smarsh. The State Department has yet to comment, while the Secret Service confirmed that only a small group of its employees had used TeleMessage and is currently assessing the breach. FEMA stated that it had “no evidence” of compromised information, although it did not address the leaked internal messages directly. US Customs and Border Protection also confirmed that the platform had been disabled and that an investigation is underway.
The breach raises serious questions about the security of communication platforms used by the US government. Experts have warned that such attacks could have significant implications for national security, especially in an age when cyber threats are increasingly sophisticated. As investigations continue, there are growing concerns about the vulnerability of government data to hackers and the potential consequences of such breaches.
