WASHINGTON — Congressional cybersecurity officials faced renewed pressure Friday to issue updated guidance on encrypted messaging apps after Rep. Don Bacon disclosed his Signal account had been hacked.
Bacon, a Nebraska Republican and member of the House Armed Services Committee, warned colleagues that the platform was not secure and urged US officials to stop relying on it for sensitive communications. Attackers had accessed his device through what officials characterized as a device-level intrusion rather than a flaw in Signal's encryption.
The House Chief Administrative Officer has previously advised members and staff on approved communication tools. Lawmakers on the House Administration Committee have now called for clearer standards on device security and mandatory security briefings before the next legislative session.
Signal's developers maintain that its end-to-end encryption remains sound. Security researchers, including analysts at cybersecurity firms tracking state-linked phishing campaigns, have noted a rise in attacks targeting Signal's linked-device feature, exploiting users rather than the encryption itself.
The breach has intensified debate over how public officials handle secure communications, with several members pushing for mandatory security protocols and hardened government-issued devices.