Der Spiegel reports:

Private contact details of the most important security advisers to U.S. President Donald Trump can be found on the internet. DER SPIEGEL reporters were able to find mobile phone numbers, email addresses and even some passwords belonging to the top officials.

To do so, the reporters used commercial people search engines along with hacked customer data that has been published on the web. Those affected by the leaks include National Security Adviser Mike Waltz, Director of National Intelligence Tulsi Gabbard and Secretary of Defense Pete Hegseth.

Most of these numbers and email addresses are apparently still in use, with some of them linked to profiles on social media platforms like Instagram and LinkedIn. They were used to create Dropbox accounts and profiles in apps that track running data. There are also WhatsApp profiles for the respective phone numbers and even Signal accounts in some cases.

As such, the reporting has revealed an additional grave, previously unknown security breach at the highest levels in Washington. Hostile intelligence services could use this publicly available data to hack the communications of those affected by installing spyware on their devices. It is thus conceivable that foreign agents were privy to the Signal chat group in which Gabbard, Waltz and Hegseth discussed a military strike. [Continue reading…]

Noah Shachtman writes:

If you’re running the security directorate of a hostile nation, savor this moment. It’s never been easier to steal secrets from the United States government. Can you even call it stealing when it’s this simple? The Trump administration has unlocked the vault doors, fired half of the security guards and asked the rest to roll pennies. Walk right in. Take what you want. This is the golden age.

In its first two months, the Trump administration has made move after move that exposes the government to penetration by foreign intelligence services. It’s not just the group chat about forthcoming military strikes that The Atlantic revealed on Monday — although that was, to be clear, as audacious and ridiculous a security breach as there has been in decades. The administration short-circuited the process for conducting background checks on top officials, turned tens of thousands of people with access to government secrets into disgruntled ex-employees and announced it was lowering its guard against covert foreign influence operations. It installed one of Elon Musk’s satellite internet terminals on the roof of the White House, seemingly to bypass security controls, and gave access to some of the government’s more sensitive systems to a teenager with a history of aiding a cybercrime ring, who goes by the nickname Big Balls.

In his first term, President Trump caused an uproar by revealing intelligence to the Russian ambassador that was routinely withheld from America’s actual allies. This is something different: the erosion of America’s ability to keep any secrets at all. The second Trump administration is treating security like just another stale Washington convention, an annoying impediment to its ambitions to move fast, break the bureaucratic state and replace it with an all-powerful executive. The bros in tech and finance don’t have to deal with these creaky, fussy restraints. Why should the White House?

Major adversaries pray for this level of chaos, confusion and opportunity. A secretive Chinese network is trying to recruit fired U.S. government workers. The Naval Criminal Investigative Service states with “high confidence” that foreign adversaries are trying to “capitalize” on the Trump administration’s mass layoffs. But the Chinese Ministry of State Security or the Russian Main Intelligence Directorate aren’t the only ones who stand to profit from the Trump administration’s disregard for even minimal operational security. Intelligence gathering has become easier for everyone. [Continue reading…]