They have and should have been for a long time.

1. Non-secret chats are not encrypted (maybe tls between devices and servers)
2. Messages are stored on servers in plaintext (or easily reversible encryption)
3. Over the past (almost decade) they have complied with governments by supplying chat data when requested (with some notable pushback, but yeah)
4. It's a free service (how are they funding running the service)? Most suggest that Durov was just paying for it out of his pocket but I highly doubt that math
5. It's a central point of failure, and relies and company hosted servers with proprietary software. 

Like I've mentioned before, a company in order to exist must often have to comply with government requests. To me that's the reality. Those who say otherwise imo have never been told by a government attorney that "they don't want you in business by any means necessary".   

Alternatives like signal, still mostly rely on a single companies existence, but offer 
- e2ee private and group chats
- store little to no information on users or their chats
- open source a portion of their software
- Have a better history of non-compliance or more transparent compliance procedures

Telegram relatively convenient which I think aided in it's popularity, along with it's ability to have a big public API for bots and other fun things, that no other platform can do with encryption.