Massive Breach Exposes U.S. Officials’ Archived Messages: Know the Details

The420.in

A serious cybersecurity breach at Israel-based TeleMessage has exposed archived messages and sensitive data tied to U.S. government officials and major corporations like Coinbase and Scotiabank. The hack exploited weaknesses in the modified encrypted apps provided by TeleMessage, casting doubt on the security of modded communications platforms.

Cracks in the Code: A Breach in Modified Encryption Tools

In a breach that has rattled both public and private sectors, a hacker has compromised TeleMessage, a service that modifies popular encrypted messaging apps like Signal, Telegram, and WhatsApp for enterprise and government use. The breach reportedly allowed access to archived messages, contact lists, and back-end login credentials—revealing that TeleMessage’s architecture had critical vulnerabilities.

According to 404 Media, the exploit targeted TeleMessage’s modded versions of encrypted apps, revealing that while these tools archived communications for compliance and monitoring, they were not end-to-end encrypted between the client and the archive storage location.

One of the more high-profile users revealed in the breach is former U.S. national security adviser Mike Waltz, although no personal messages or sensitive content from cabinet members were compromised. The implications, however, are vast. Among those affected were agencies like U.S. Customs and Border Protection, crypto giant Coinbase, and financial institutions including Scotiabank.


Who Was Affected—and What Was Leaked?

While no passwords or keys to sensitive systems were reportedly accessed, the leak exposed:

  • Archived chat logs and message contents
  • Government officials’ contact details
  • Internal credentials for TeleMessage’s platform
  • Data tied to Coinbase’s internal teams, though not customer accounts
  • Enterprise communications from Scotiabank and others

Coinbase stated that no sensitive customer data was leaked because it does not use TeleMessage for password or seed phrase transmission. However, the fact that internal data tied to compliance and monitoring was breached has raised alarms about the risk of surveillance tools backfiring.

Smarsh, TeleMessage’s U.S.-based parent company, responded by suspending all TeleMessage services and initiating an investigation with external cybersecurity experts.

A Cautionary Tale for Surveillance Tech and Modded Encryption

While companies like TeleMessage offer archiving and monitoring solutions for regulatory compliance, these tools can also introduce new vulnerabilities if not securely implemented.

Critics argue that modifying secure platforms like Signal and Telegram for corporate use inevitably breaks the core encryption promises of those apps. “Once you start tweaking the protocol or routing messages through third-party servers for storage,” one cybersecurity analyst warned, “you’ve essentially created a backdoor.”

This breach now adds to the growing debate over the balance between compliance-driven monitoring and individual privacy in enterprise and government communication platforms.

As of now, Signal, Scotiabank, and U.S. Customs and Border Protection have not responded to media queries. The cybersecurity community, meanwhile, is pressing for transparency from Smarsh and a broader reassessment of the use of surveillance-enabling tools on encrypted platforms.

 
