Communication Application Telemessage Signal, which at least one Trump administration official reportedly used by at least one official in the archive information, has suffered a breach of security flaws and has caused its parent company to suspend services this week, pending investigation. Now, according to detailed new discoveries by journalist and security researcher Micah Lee, TM Signal's archive capability appears to fundamentally undermine Signal's flagship security and send messages between the application and the user's message archive without end-to-end encryption, allowing users' communications to access remote information.

Lee conducted a detailed analysis of the Android source code of TM Signal to evaluate the design and security of the application. In his collaboration with 404 Media, he had previously reported hacking of TM signals over the weekend, revealing some user messages and other data, a clear sign that at least some data is sent or sent in plain text, at least for at least some time in the service. This alone seems to contradict Telemessage's marketing claims that TM Signal provides "end-to-end encryption from mobile phones to company archives." But Lee said his latest discovery suggests that TM signals are not end-to-end encrypted and that the company can access content that users chat.

"The fact that there is a plain log confirms my assumption," Lee told Wired. "The fact that the archive server is such a trivial fact for someone, and the lack of basic security of the TM signal is worse than I expected."

Telemessage is an Israeli company that was acquired last year by U.S. digital communications company Smarsh. Telemessage is a federal contractor, but the consumer applications it provides are not approved for use under the U.S. government’s federal risk and authorization management program or FEDRAMP.

Smarsh did not return a Wired request for comments about Lee discovery. "Telemessage is investigating a potential security incident. After discovery, we took quick action to control it and engage with an external cybersecurity company to support our investigation," the company said on Monday.

Lee's findings may be important to all telemetry users, but given that President Donald Trump's current national security adviser Mike Waltz uses TM signals. He took photos last week using the service at a cabinet meeting that appeared to indicate he was communicating with other senior officials, including JD Vance, vice president of the U.S. national intelligence company Tulsi Gabbard, and appears to be U.S. Secretary of State Marco Rubio. TM signals are compatible with signals and will reveal messages sent in chat with someone using TM signals, whether all participants are using it or some are using real signaling applications.

Lee discovered that the TM signal is designed to store signal communication data in a local database on the user's device and then send it to an archive server for long-term retention. He said the messages were sent directly to the archive server, and in the case of Lee's checking, it appeared to be plain text chat logs. He said that while performing the analysis, “confirm that the archive server has access to the plaintext chat log.”

Data obtained from the Telemessage Archive Server searched by hackers include chat logs, usernames and plaintext passwords, and even private encryption keys.

In a letter Tuesday, U.S. Senator Ron Wyden called on the Justice Department to investigate the telematics ceremony, accusing it of a "serious threat to U.S. national security."

“Government agencies that adopt remote archives choose the worst option,” Wyden wrote. “They give users something that looks and feels like signals, which is the most trusted secure communications app. But instead, signal copying by senior government officials poses many serious security and counterintelligence threats. The security threat posed by Telemessage Archiver is not theoretical.”