Breach of app used by Trump aide exposed much more U.S. govt data than previously estimated

The hacker who breached the communications service used by former Trump national security adviser Mike Waltz earlier this month had intercepted messages from a broader swathe of American officials than has previously been reported, according to a Reuters review, potentially raising the stakes of a breach that has already drawn questions about data security in the Trump administration.

Reuters identified more than 60 unique government users of the messaging platform TeleMessage in a cache of leaked data provided by Distributed Denial of Secrets, a U.S. nonprofit whose stated mission is to archive hacked and leaked documents in the public interest. The trove included material from disaster responders, customs officials, several U.S. diplomatic staffers, at least one White House staffer and members of the Secret Service.

Once little known outside government and finance circles, TeleMessage drew media attention after an April 30 Reuters photograph showed Waltz checking TeleMessage's version of the privacy-focused app Signal during a cabinet meeting.

While Reuters could not verify the entire contents of the TeleMessage trove, in more than half a dozen cases the news agency was able to establish that the phone numbers in the leaked data were correctly attributed to their owners.

Based on its limited review, Reuters uncovered nothing that seemed clearly sensitive and did not uncover chats by Waltz or other cabinet officials. However, some of the chats did seem to bear on the travel plans of senior government officials. One Signal group, "POTUS | ROME-VATICAN | PRESS GC," appeared to pertain to the logistics of an event at the Vatican. Another appeared to discuss U.S. officials' trip to Jordan.

Reuters reached out to all the individuals it could identify seeking a comment; some confirmed their identities, but most didn't respond or referred questions to their respective agencies.

Jake Williams, a former National Security Agency cyber specialist, said even if the intercepted text messages were innocuous, the wealth of metadata – the who and when of the leaked conversations and chat groups – posed a counterintelligence risk.

"Even if you don't have the content, that is a top-tier intelligence access," said Williams, now vice president of research and development at cybersecurity firm Hunter Strategy.

Waltz's prior use of Signal created a public furor when he accidentally added a prominent journalist to a Signal chat where he and other Trump cabinet officials were discussing air raids on Yemen in real time.