Not recommending Telegram, but personally, I suspect that signal is compromised. They've been permanently storing sensitive user data in the cloud for a long time time (https://community.signalusers.org/t/proper-secure-value-secu...) but the very first sentence of their Terms and Privacy page still claims "Signal is designed to never collect or store any sensitive information." and they've been asked multiple times but refuse to update their privacy policy. I suspect that lie is being kept there as a giant dead canary.

Making the change to start keeping exactly the data that the government has been asking them to turn over isn't a very good look. "Securing" user's data with something as week as a PIN isn't great either. https://www.vice.com/en/article/pkyzek/signal-new-pin-featur... Note that the "solution" of disabling pins mentioned at the end of the article was later shown to not prevent the collection and storage of sensitive user data. It was just giving users a false sense of security. To this day there is no way to opt out of the data collection.