US top officials have continued being hit with security leaks: German news outlet Der Spiegel has found that private contact details of US President Donald Trump’s most important security advisers could be viewed on the internet.
Mobile phone numbers, email addresses and, in some cases, passwords were found online, the news agency said on March 26.
The WhatsApp profile photo of US Defence Secretary Pete Hegseth was shared in the article, proving they found his mobile number and private e-mail address “in a particularly simple way”.
The German magazine said it used information from commercial search engines and customer data published on the internet.
Commercial contact data was mainly used by companies for sales, marketing and recruitment.
Der Spiegel provided the contact data provider with a link to Hegseth’s LinkedIn profile and was provided with a Gmail address and a mobile phone number, among other things.
The outlet surmised that some publicly available numbers and email addresses were probably still used by those affected and a few were connected to profiles on Instagram and LinkedIn, among others.
Phone numbers matched with WhatsApp profiles and Signal accounts, the messaging service that was central in the first scandal in which a left-wing US journalist was invited to a private chat group of top officials discussing a military strike on Houthi rebels in Yemen.
The new findings highlighted another serious security vulnerability in Washington that was previously unknown, Der Spiegel said, claiming: “This publicly available data could be used by enemy intelligence services to hack the communications of those affected by infecting their devices with spyware.
“It is therefore conceivable that foreign agents were prying when [US Director of National Intelligence Tulsi] Gabbard, [National Security Advisor Mine] Waltz and Hegseth discussed a military strike in a Signal chat with others.”
According to Der Spiegel, the contact details for Gabbard, Hegseth and Waltz were found partly in commercial databases, partly in so-called password leaks.
Security experts said the exposed data allowed attackers to hack devices and certain apps. They were also vulnerable to malware, communications being monitored and political blackmail.
The US defence department was reportedly sent questions about the findings but Der Spiegel said it did not receive an answer.
The US Office of the Intelligence Co-ordinator told the news outlet that Gabbard’s private data, some of which had been shared on WikiLeaks and Reddit, was leaked almost 10 years ago.
Despite that, according to the German magazine, Gabbard’s private Google account was still being used about two weeks ago.
