Mike Waltz, a noted foreign policy hawk and former US special forces officer, has been critical of Russia but has, like Trump, opposed increasing aid to Ukraine
The revelation of Waltz’s use of TeleMessage has only amplified scrutiny of the app and its implications for national security. AFP

A modified version of Signal used by former National Security Adviser Mike Waltz has been hacked, according to a report published by tech news outlet 404 Media on Sunday.

The hacker is said to have gained access to customer data from TeleMessage, a Signal-like app that Waltz was seen using during a cabinet meeting on Wednesday, reported Reuters.

His use of the tool, which visually mimics Signal but functions differently, drew attention due to its apparent role in capturing sensitive government discussions.

Exposure Of Government Communications

The breach allegedly exposed the contents of some direct messages and group chats sent through these modified apps. While the hacker did not gain access to messages sent by Waltz or other senior officials, the attack revealed that archived chat logs were not protected by end-to-end encryption once routed from the app to the archival systems controlled by TeleMessage clients.

Among the most alarming details revealed by the hack is that chats involving high-profile figures —such as Senators Marco Rubio, Tulsi Gabbard, and JD Vance — were potentially vulnerable. The tool's design made it possible for a hacker to easily access archived messages of users outside the inner circle of top officials.

404 Media quoted the unidentified hacker, who claimed to have infiltrated TeleMessage's backend infrastructure and intercepted user messages. The hacker reportedly provided 404 Media with samples of the compromised data, some of which the outlet was able to independently verify.

Political Fallout

The revelation of Waltz's use of TeleMessage has only amplified scrutiny of the app and its implications for national security.

Waltz was removed from his position Thursday following a scandal in which he reportedly created a Signal group to share real-time updates on U.S. military actions in Yemen. The situation escalated after a journalist was accidentally added to the group, raising alarms about the careless handling of classified information.

Signal Responds

Signal, known for its end-to-end encryption and resistance to surveillance, distanced itself from unofficial versions of its app. A Signal spokesperson stated that the company "cannot guarantee the privacy or security properties of unofficial versions of Signal."

Security Flaws In Archival Tools

TeleMessage is being rebranded as "Capture Mobile" by its parent company, Smarsh. Its core function is to capture and archive messages after they are decrypted, a practice meant to meet government record-keeping requirements. However, cybersecurity experts warn that such systems, if not securely implemented, can introduce serious vulnerabilities—exactly as the recent hack demonstrated.