Sensitive Contact Details of Top U.S. Security Officials Exposed Online

Confidential phone numbers, email addresses, and even passwords belonging to key members of former President Donald Trump’s national security team have been uncovered on the internet. A DER SPIEGEL investigation revealed that the private data of high-ranking officials—including National Security Adviser Mike Waltz, Director of National Intelligence Tulsi Gabbard, and Secretary of Defense Pete Hegseth—were accessible through commercial search engines and leaked databases.

The exposed information, much of which appears to still be active, was linked to social media profiles, fitness apps, and encrypted messaging services like WhatsApp and Signal. This discovery points to a previously unknown security lapse at the highest levels of the U.S. government, raising concerns that foreign intelligence agencies could exploit the data to infiltrate private communications.

A Breach with Far-Reaching Consequences

Hostile actors could use the leaked details to deploy spyware, monitor sensitive discussions, or even impersonate officials in phishing schemes. Shockingly, some of the exposed Signal accounts may have been used by Waltz, Gabbard, and Hegseth to discuss military operations—including a reported plan to strike Houthi militants in Yemen.

According to The Atlantic, this Signal group also included CIA Director John Ratcliffe and other officials, with Trump administration envoy Steve Witkoff even joining from Russia. While the White House denied that classified material was shared, the incident highlights the risks of using personal accounts for official communications.

How the Data Was Found

DER SPIEGEL traced the officials’ information through commercial data brokers and hacked password dumps circulating online. Hegseth’s contact details were particularly easy to obtain—a simple search on a marketing database returned his Gmail and phone number, which matched a now-deleted WhatsApp account featuring a shirtless photo of him. Facial recognition confirmed the identity.

Waltz’s data surfaced in multiple leaks, exposing passwords tied to his Microsoft Teams, LinkedIn, and Signal profiles. Gabbard, though more cautious, still had her email exposed on WikiLeaks and Reddit, along with a partial phone number that led to active messaging accounts.

A Goldmine for Hackers and Spies

Cybersecurity expert Donald Ortmann warns that such leaks enable sophisticated attacks: “Phishing, deepfake impersonations, and malware infections become trivial when private details are public. Hackers can hijack accounts, eavesdrop on conversations, or even blackmail officials.”

While DER SPIEGEL has withheld the exact details for security reasons, the findings underscore a disturbing trend: even those tasked with safeguarding national security are vulnerable to digital exposure. Despite attempts to contact the affected officials and their agencies, no responses have been received.