Wyden Calls on DOJ to Investigate National Security Risks Posed by White House Officials Using Insecure Messaging App and Apparent False Claims from App Provider
Signal knockoff TeleMessage Has Been Repeatedly Hacked and Poses Major Security Risks to U.S. Government; Company Officials Have Made Misleading Statements About the App’s Security
Washington, D.C. — U.S. Senator Ron Wyden, D-Ore., requested an immediate investigation of the security and counterintelligence risks posed by White House personnel using TeleMessage Signal Archiver, and the apparent false claims that the app provider made to secure federal contracts, after a senior Trump administration official was seen using the app late last week.
TeleMessage is a foreign company that claims to offer a secure tool to archive messages sent through Signal, the popular and secure encrypted messaging app. However, TeleMessage’s app, Signal Archiver, sends unencrypted copies of every message to a server administered by the company, according to a security researcher who analyzed the app. Because of the service’s insecure design, it has been repeatedly hacked over the past week, according to reports by 404 Media and NBC News. One hacker gained access to communications of TeleMessage customers, including U.S. Customs and Border Protection officials.
TeleMessage’s design erases the security benefits of Signal and its foreign ownership creates important security and intelligence questions, Wyden wrote to Attorney General Pam Bondi.
“It would be hard to imagine a less secure way for U.S. government agencies to retain employee messages than decrypting, copying to, and processing those messages on a poorly secured server operated by a foreign company,” Wyden wrote. “It remains unclear whether the design of this system was merely the result of incompetence on the part of the foreign company, whose senior leadership are former intelligence officers, or a backdoor designed to facilitate foreign intelligence collection against U.S. government officials.”
Wyden called on the Justice Department to investigate whether TeleMessage violated the False Claims Act with apparently false claims to offer end-to-end encrypted messaging when it sold its dangerously insecure products to the federal government.
The full letter is available here.
###
Next Article Previous Article
