I've been digging through the 410 GB of Java heap dumps from TeleMessage's archive server, provided by DDoSecrets. Here's a description of the dataset, some of my initial findings, details about an upcoming open source research tool I'm going to release, and a huge list of potential TeleMessage customers.
First, some background. This "clean OPSEC" saga is unbelievable.
Mike Waltz invited a journalist into a Signal group full of high-level Trumpers where they discussed and executed bombing an apartment building full of innocent people. This led to Congressional hearings (about using a Signal group for war, not the war crimes themselves... Congress doesn't really care about those).
Later, Waltz was photographed using TeleMessage SGNL, an Israeli-made knockoff of Signal that archives messages for its customers, and that lied about supporting end-to-end encryption. Then TeleMessage was hacked, twice. The vulnerability was trivial: it let anyone on the internet download Java heap dumps from the server. Then, DDoSecrets released 410 GB of these heap dumps, all from May 4, 2025, and is distributing them to journalists and researchers.
"The trove included material from disaster responders, customs officials, several U.S. diplomatic staffers, at least one White House staffer and members of the Secret Service," according to a Reuters report.
How so?