Passwords, personal data of US security heads exposed on Signal
What's the story
Private data of key security advisers to US President Donald Trump has been compromised. The breach is connected to their use of a Signal group chat to plan airstrikes on Yemen. Data including mobile numbers, email addresses and in some cases passwords of National Security Advisor Mike Waltz, Defence Secretary Pete Hegseth, and Director of National Intelligence Tulsi Gabbard have been exposed.
Data exposure
Information accessible through commercial data-search services
The leaked information is available on commercial data-search services and websites that publish hacked data. However, the precise date of the information's release is unclear, according to the German news magazine Der Spiegel. The incident has triggered demands for resignation of senior officials, amid bipartisan criticism, after embarrassing revelations emerged earlier this week.
Chat details
Sensitive plans discussed in Signal group chat
The group chat included Trump administration officials, Vice President JD Vance, Secretary of State Marco Rubio, and others. They were discussing sensitive plans to strike Houthi targets in Yemen via the Signal app. This discussion likely jeopardized the safety of US servicemen involved in the operation. On Wednesday evening, Trump defended Hegseth saying "He had nothing to do with this" and called the scandal a "witch-hunt."
Profile connections
Personal information linked to social media, location-tracking apps
The leaked data, mostly current phone numbers and email addresses, were also linked to social media platforms such as Instagram and LinkedIn. They were also connected to cloud-storage service Dropbox and location-tracking apps. Der Spiegel pointed out that Hegseth's mobile number and email address were "particularly easy" to find using a commercial provider of contact information.
Security risks
Potential exposure to spyware and foreign agents
The email ID, and sometimes even the password associated with it, was present in over 20 data leaks. It was also observed that the mobile number led to a WhatsApp account which Hegseth appeared to have deleted recently. Gabbard and Waltz's numbers were associated to accounts on WhatsApp and Signal, making them susceptible to possible spyware installation on their devices. The National Security Council has said Waltz accounts and passwords cited by Der Spiegel had all been updated in 2019.
Information denial
White House denies sharing classified material
White House Press Secretary Karoline Leavitt denied any classified material was shared in the chat. "No war plans were discussed," she said. But The Atlantic's Editor-in-Chief Jeffrey Goldberg said he was unwittingly added to a group chat where top US officials discussed strikes on Yemen's Houthi rebels. The incident has triggered widespread criticism and calls for an investigation into the matter.