A slightly publicized cyber incident so far raises serious question marks about the digital infrastructure of the Trump administration and the protection of official communications in the US. At the center of the scandal: an obscure application, a counselor close to the former US president and dozens of exposed government employees. Following the cyber attack on the Telemessage messenger service, used by Michael Walz, a national security counselor of the former US president, the attacker managed to access the data of over 60 Trump administration employees.
Telemessage, a government version of the Signal/ PHOTO application: X
In an extended investigation, Reuters analyzed a data set obtained by the Distributed Denial of Secrets organization, specialized in archiving the leaks of public interest. In the center of the breach is Telemessage, a government version of the Signal application, intended for archiving and managing digital communications in accordance with federal regulations.
Beyond its use by the former Mike Waltz national security adviser – surprised by consulting the application during a cabinet session – it appears that over 60 federal employees were affected by the incident. Among them: American diplomats, FEMA employees (Emergency Agency), Secret Service members and even a White House official.
The figure of the Telemessage platform, which is used for confidential correspondence by American officials and businessmen, took place at the beginning of the week.
As a result, the data on Volz's correspondence with over 60 representatives of the US government, from customs officials and representatives of the diplomatic corps up to at least one employee of the White House and members of the US Secret Service, were drained online.
The materials analyzed by Reuters referred to the correspondence on May 4 and, at first glance, did not contain classified information. At the same time, it was possible to establish the contact details of the participants in the correspondence from them.
A discreet application, a major breach
Telemessage was little known to the general public, being used mainly in government and financial circles. The incident came to the surface after Reuters published a photo in which Waltz, at an official meeting, used the application.
The drain – covering a period of about 24 hours completed on May 4 – does not contain, according to Reuters, classified information. But it includes details about traveling plans of high -ranking officials, such as a Vatican trip or a visit to Jordan, and administrative communications that can offer valuable metadata.
“Even though messages seem trivial, metadata – who, when, with whom – I am a treasure for any foreign information service,” explained Jake Williams, former NSA expert, quoted by Reuters.
Telemessage, under the magnifying glass of the authorities
In the face of reputational and security risk, the application was suspended on May 5 “from an extreme caution”. The supplier, the SMARSH company in Portland, Oregon, did not comment on the situation. For his part, the White House confirmed that “it is aware of the cyber incident”, but did not provide additional details.
Several agencies, including the Department for Internal Security (DHS), the State Department and the Center for Disease Control (CDC), have had contracts with Telemessage in recent years. CDC reported Reuters that he had tested the application in 2024, but gave up.
The official recommendation, issued shortly after the attack, came from the Federal Agency Cisa, who asked for “suspending the use of the application until new instructions.”
Waltz, a vulnerable pawn?
Mike Waltz's name is not new in a context of security breaches. In a previous episode, he was involved in an embarrassing incident after mistakenly added a journalist in a sign-time group that discussed, in real time, air blows to Yemen. Later, he was removed from the position of counselor, but maintained near the administration: Donald Trump later as US ambassador to the UN.
Regarding his direct involvement in the incident Telemessage, neither he nor the representatives of the White House have answered the questions Reuters. Meanwhile, the use of an apparently “secure” application has exposed the digital infrastructure of the US state at a risk of proportions, at a time when political polarization even more complicates the management of institutional vulnerabilities.
Digital war does not forgive bureaucratic negligence
The case reflects an uncomfortable reality: in the post-lifeden era, in which each communication can become an entry point for hostile actors, the breaches are no longer produced in obscure servers, but even in the pockets of government counselors, in the sitting rooms or on the diplomatic banks.
It is a bitter, but necessary lesson, about how the errors, the precarious digital infrastructures and the lack of transparency can transform a technical incident into a national security risk.
The White House said in a comment for Reuters that she is “aware of a cyber security incident” related to Telemessage, but did not specify how the platform is used in the administration.
