Hacker breach of Trump aide’s messaging app exposed data from over 60 US government officials

A hacker infiltrated TeleMessage, a secure communications platform used by former Trump national security adviser Mike Waltz, intercepting messages and metadata from more than 60 U.S. government officials. The breach included data from FEMA, Customs and Border Protection, the Secret Service and diplomatic staff, and came to light through a data trove obtained by Distributed Denial of Secrets. While the intercepted messages were largely fragmentary and did not reveal classified content, some related to sensitive logistical details such as senior officials’ travel plans. At least one aid applicant and one financial firm confirmed their leaked messages were authentic. The service was suspended on May 5 “out of an abundance of caution.” TeleMessage, developed by Smarsh, had been in use by multiple federal agencies under existing contracts, though some, such as the CDC, had recently discontinued it. The U.S. cyber defense agency CISA advised ceasing its use. Experts flagged the breach as a significant counterintelligence risk due to exposed metadata, which can reveal communication patterns and affiliations even without message content.

Analysis by Our Experts:


This breach is not about intercepted emojis or fragmented texts. It is about intelligence-grade metadata falling into the wrong hands. When attackers can map real-time communication channels involving FEMA, CBP and diplomatic staff, it is a strategic goldmine. The fact that TeleMessage was still active across agencies despite a history of operational mishaps shows that procurement convenience continues to override security foresight. The metadata alone provides adversaries with timelines, associations and operational footprints. In the intelligence world, that is not just leakage. That is a blueprint. Operational security failed quietly, but the consequences might not.
