As noted by Cyber Insider, The Intercept has alerted the public to a security breach involving its official Signal tipline username. An impersonator gained control of the username, posing as the investigative news outlet and potentially jeopardizing confidential sources who attempted to submit sensitive information.An analysis by Dr. Martin Shelton of the Freedom of the Press Foundation suggests several ways the Signal username could have been compromised. The impersonator reportedly began soliciting tips as early as February 2026, actively promoting the compromised username across social media and responding to lawmakers and federal officials approximately 100 times between April and May. During this period, the fraudulent username remained listed on The Intercept's public tip page, increasing the risk of sources unknowingly contacting the impersonator. The Intercept publicly acknowledged the issue on June 30, updating its contact information and instructing users to avoid the previous username, TheIntercept.01.Possible causes for the compromise include Signal accounts becoming inactive and their usernames being released for reuse after about 120 days, or a change in username making the previous one available. SIM-swapping attacks are also a less common possibility. The Freedom of the Press Foundation recommends keeping Signal accounts active, avoiding frequent username changes, securing accounts against SIM-swapping, and enabling Signal's Registration Lock and PIN protection to mitigate future risks.Source: Cyber Insider
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds





