Top Trump administration national security officials’ use of the messaging app Signal is raising new questions about the platform and how the administration is transmitting sensitive government information.
Cybersecurity experts said they were surprised to learn conversations containing sensitive materials, including plans for airstrikes, were taking place on Signal as reported by The Atlantic Editor-in-Chief Jeffrey Goldberg on Monday.
The story was “very mind-blowing,” said JP Castellanos, the director of threat intelligence for Binary Defense. He served in the U.S. Central Command’s (Centcom) Cyber Security Division.
Goldberg, a long-time foreign affairs correspondent, published a story Monday claiming he was invited to a group chat on Signal earlier this month by national security adviser Mike Waltz.
According to Goldberg, top security officials, including Defense Secretary Pete Hegseth and Vice President Vance, discussed plans for airstrikes on Iran-backed Houthis in Yemen hours before they were launched.
The National Security Council confirmed the message chain was authentic, adding it is investigating how Goldberg was included in the chat. The White House later attempted to downplay the situation on Tuesday, with press secretary Karoline Leavitt maintaining no “war plans” were discussed in the chat.
Leavitt said the White House Counsel’s Office has “provided guidance on a number of different platforms for President Trump’s top officials to communicate as safely and as efficiently as possible.”
Castellanos said that during his time at the Defense Department, the agency conducted multiple rounds of testing on applications to ensure it is shielded from any foreign adversaries’ hacking attempts.
“It’s a very long, arduous process,” Castellanos explained.
It is not clear whether Signal was on the list of approved platforms, or whether the officials used the messaging service on official government phones or laptops.
CIA Director John Ratcliffe confirmed Tuesday he was on the group chat and told a Senate committee Signal was loaded onto his work computer, “as it is for most CIA officers.”
“One of the things that I was briefed on very early, senator, was by the CIA records management folks about the use of Signal as a permissible work use,” Ratcliffe said during a previously scheduled Senate Intelligence Committee hearing. He appeared beside Director of National Intelligence Tulsi Gabbard and another reported member of the chat.
While there are still questions about where Signal was used and whether the material was deemed classified at the time, cybersecurity experts and lawmakers quickly sounded the alarm over the security risks of using an outside-of-government system to discuss highly sensitive materials.
“This is one more example of the kind of sloppy, incompetent behavior, particularly towards classified information, that this is not a one-off or a first-time error,” Sen. Mark Warner (Va.), the top Democrat on the Senate Intelligence Committee, said during opening remarks of the Tuesday hearing.
Warner called on Waltz and Hegseth to resign, while some Democrats urged congressional Republicans to have the officials testify before Congress.
Signal offers end-to-end encryption, meaning information about users’ private conversations is not shared with the technology company. The platform is frequently used by journalists, Capitol Hill staffers and some businesses looking for extra security while messaging.
While it offers some protection, cybersecurity experts said it doesn’t come close to what the federal government requires for high-risk information.
“[Signal] is more secure than many other texting systems. However, it is not the same kind of security that’s embedded in … our classified, secret and above top-secret systems,” said Rear Adm. Mark Montgomery, a senior fellow and senior director of the Center for Cyber and Technology Innovation at the Foundation for Defense of Democracies.
“And certainly, the compliance of the devices is not maintained on the same level,” Montgomery added. “So, to me, this was an obvious operational security violation.”
Several experts suggested the officials likely used Signal for ease of use, noting the classified handheld devices are less user-friendly.
Former national security adviser John Bolton slammed the administration officials for using Signal, telling CNN on Monday, “If you think Signal is equivalent to U.S. government secure telecommunications, think again.”
Should an adversary obtain a White House official’s phone number or Signal number, they could then send a malicious link to install malware, computer viruses and listening software to gain access to sensitive information, Castellanos explained.
“There are plenty of adversaries that are trying to find ways to basically spear phish to infect those users’ phones,” Castellanos added.
Matthew Mittelsteadt, a cybersecurity and emerging technologies expert with the American libertarian think tank Cato Institute, pushed back against concerns Signal is insecure because it is not an official government channel.
“The world of encryption is a lot bigger than the government,” Mittelsteadt told The Hill.
Mittelsteadt said he is more concerned about the security of the actual “endpoint devices,” including the phones and laptops, where these messages are being shared.
“Signal might be very secure, but the security of your messages on Signal is only as good as the overall practices that you as the individual set up. It’s only as secure as your personal phone, and any insecurities in the sort of surrounding environment could actually somehow leak the information on your phone,” Mittelsteadt said.
Days after the Signal chat was created, the Pentagon sent a memo within the agency warning against using the messaging app, though it is unclear if there was a connection, NPR reported.
The Hill reached out to the Pentagon and Signal for comment.
Some experts are weighing whether the officials have violated the Espionage Act, but they noted there are too few public details about the nature of the materials to determine any legal issues at this point.
“Did the communications contain classified information?” one Washington-area cybersecurity expert told The Hill. “If the answer is yes, then you’d have to ask, was this use of Signal a mishandling of that classified information?”