Trump's Signal Archiving Tool Taken Offline

share
Header image

Trump's Signal Archiving Tool Taken Offline

share

Parent of TeleMessage suspends all services.


TeleMessage has suspended all services after hackers claimed to have stolen files from it.

After it was disclosed that the tool was being used for archiving Signal messages by the White House, and could be hacked in 30 minutes, NBC news has now suspended all services.

A spokesperson for Smarsh, TeleMessage’s parent, said on Monday that the company “is investigating a potential security incident. Upon detection, we acted quickly to contain it and engaged an external cybersecurity firm to support our investigation.”

“Out of an abundance of caution, all TeleMessage services have been temporarily suspended,” the spokesperson said.

Paused Use

Customs and Border Protection has paused its use of the app, a spokesperson for the Department of Homeland Security said.

“Following the detection of a cyber incident, CBP immediately disabled TeleMessage as a precautionary measure. The investigation into the scope of the breach is ongoing,” the spokesperson said.

Thomas Richards, infrastructure practice director at Black Duck, said, "This breach is alarming on many levels. Taking a secure messaging application and changing core functionality, such as backing up messages, essentially breaks the security model.

“Users want secure messaging for privacy; it now appears the messages were not encrypted. This creates a security risk for the users of the application as their sensitive information could be, and has been, compromised. Any organisation that is looking into a secure messaging application for compliance reasons should thoroughly review the application. This should include at least a penetration test against the application, and a threat model to understand what risks the application could introduce.”



Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Application SecurityMobile Published: 6 May Written by
Dan Raywood
Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.

Upcoming Events

No events found.

Related content

Europe moves toward teen social media limits

Europe moves toward teen social media limits

 SC Awards Europe: Deadline Extended!

SC Awards Europe: Deadline Extended!

 Open Source Security Risks: Countering the Threat

Open Source Security Risks: Countering the Threat
Your Service Desk is the New Attack Vector

Your Service Desk is the New Attack Vector

 EU flags TikTok, alleging addictive app design

EU flags TikTok, alleging addictive app design

 Russia-linked botnet found on UK firm's server

Russia-linked botnet found on UK firm's server
The 4 Worst Vulnerabilities of 2025 – And How To Boost Patch Management in 2026

The 4 Worst Vulnerabilities of 2025 – And How To Boost Patch Management in 2026