The decision was made according to the report after the Commission became aware of the group’s existence last month and deemed the risk of compromise too high. While there is no evidence yet that communication has actually been intercepted, the threat situation has escalated. Just recently, a private phone call between a journalist and an EU official was intercepted and published. Insiders also report sophisticated phishing attempts. These were intended to trick cabinet members into revealing their Signal PIN codes, thus causing them to lose control of their accounts.

looks like theyre concerned about targeted phishing attacks and organizations being unable to control user accounts from the top down (and thus read their communications) in order to reinstate and do damage control surrounding a negligent user after an attack. ultimately the user is getting tricked into revealing their password, so… human element. perhaps matrix would be best for large organizations like this, for individuals however simplex chat has no identifier tied to the account and in order to compromise a chat theyd need direct access to the computer or the simplex database export afaik, but all programs are vulnerable in that way.

https://www.heise.de/en/news/Signal-Takes-threat-of-targeted-phishing-attacks-very-seriously-11205329.html