Signal Group Chat Fiasco Is Far From The Only Digital Security Issue For Trump White House

As the White House continues to contend with the fallout of the Signal group chat controversy, more details are coming out about other security breaches exposing the private contact data of senior members of President Donald Trump’s administration.

German outlet Der Spiegel reported on Wednesday that it was able to recover phone numbers, email addresses and in some cases passwords for accounts belonging to national security adviser Mike Waltz, Defense Secretary Pete Hegseth and Director of National Intelligence Tulsi Gabbard from commercial databases and password leaks available online.

The outlet noted it was “particularly easy” to obtain Hegseth’s contact information. Der Spiegel received the number and email address connected to Hegseth’s LinkedIn account through a commercial provider, and subsequently found that email, and in some instances its password, in more than 20 available leaks.

“Using publicly available information, it was possible to verify that the email address was used just a few days ago,” Der Spiegel said.

Similarly, the German news website was also able to obtain Waltz’s number and email, and then match it to accounts on Microsoft Teams, LinkedIn, WhatsApp and Signal. After the outlet contacted Waltz on WhatsApp and Signal, both accounts appeared to go dark.

Meanwhile, Wired found that a Venmo account apparently belonging to Waltz was open to the public until the magazine informed the national security adviser’s team about their review. That account had a public 328-person friend list, with journalists, lawmakers and current administration officials, including White House chief of staff Susie Wiles. Wiles’ account on the platform also seemed to be public until Wired reached out to the White House.

The two reports come on the heels of Atlantic Editor-in-Chief Jeffrey Goldberg’s firsthand account of being inadvertently added by Waltz to a Signal group chat in which senior administration officials discussed imminent plans to strike Iran-backed Houthi militants in Yemen.

Goldberg on Wednesday published the attack plans he had originally withheld from his first report on the topic amid concerns that the content was too sensitive.

Several statements from Trump administration officials downplaying the issue “have led us to believe that people should see the texts in order to reach their own conclusions,” The Atlantic wrote.

One of the most notable exchanges in the group was an operational update shared by Hegseth that appeared to include precise timings about when the U.S. warplanes would launch and then strike the Houthi targets.

“1415: Strike Drones on Target (THIS IS WHEN THE FIRST BOMBS WILL DEFINITELY DROP, pending earlier ‘Trigger Based’ targets),” Hegseth wrote in part.

Hegseth, who continues to enjoy Trump’s support, has dismissed the seriousness of sharing this type of information on the commercial messaging app, which his own department had previously flagged as displaying security vulnerabilities.

“There’s no units, no locations, no routes, no flight paths, no sources, no methods, no classified information,” Hegseth told reporters. “You know who sees war plans? I see them every single day.”