TeleMessage

TeleMessage, an enterprise communications and archiving platform used by US government officials, was compromised when a hacker gained unauthorized access and exfiltrated private message archives. The attacker claimed to have broken into the service, obtaining files that contained user communications across SMS, MMS, voice calls and messages from apps like WhatsApp, WeChat, Telegram and Signal. Although the stolen data included private conversations, no messages from US government accounts or officials were found in the breach. The hack was confirmed when portions of the archive were reviewed by a security publication, verifying the authenticity of the stolen content. Details on the attack vector remain unclear: it is not known whether a zero-day vulnerability was exploited, or if malware or credential theft played a role. TeleMessage and US authorities have yet to comment publicly, while Signal has warned users about the risks of unofficial forks of its application. The incident raises concerns over the security of third-party messaging services, potential regulatory compliance lapses and the exposure of sensitive personal communications on a platform that had been chosen for its supposed privacy features.

Source: https://www.techradar.com/pro/security/telemessage-the-signal-esque-app-used-by-the-trump-administration-has-been-hacked

"id": "tel300050525",
"linkid": "telemessage",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"