A significant security breach has emerged involving TeleMessage, a company that offers modified versions of popular encrypted messaging platforms like Signal, Telegram, and WhatsApp. This vulnerability allowed hackers to access archived messages and sensitive data from U.S. government officials and various entities using the service, as reported by 404 Media.
TeleMessage gained attention recently when it was revealed that former U.S. National Security Adviser Mike Waltz was utilising a modified version of Signal provided by the company. Based in Israel and owned by Smarsh, TeleMessage enables clients to archive messages, encompassing voice notes from these secure messaging applications.
While the security breach did not compromise the actual messages of cabinet members or Waltz himself, it was reported that the hacked data included the content of messages, the contact details of government officials, backend login credentials for TeleMessage, and additional information. Notably, the breach involved data related to U.S. Customs and Border Protection, cryptocurrency exchange Coinbase, and financial institutions like Scotiabank.
The incident highlighted a critical flaw: the archived chat logs are not end-to-end encrypted between the modded Signal version offered by TeleMessage and the storage location for these messages. This poses a significant concern regarding the security of communications archived by the service.
As of now, Smarsh, Signal, U.S. Customs and Border Protection, Coinbase, and Scotiabank have not yet provided comments in response to inquiries regarding the breach. This situation underscores the ongoing vulnerabilities that exist within modified messaging applications, raising questions about the integrity and security of communications within sensitive environments, particularly for government officials.
Fanpage:Â TechArena.au
Watch more about AI – Artificial Intelligence
