
An investigation has been launched at the White House following reports that unknown individuals gained access to the contact list on the personal phone of Susie Wiles, Chief of Staff to the President of the United States, and used the information to impersonate her in communications with senior officials.
According to The Wall Street Journal, it was Wiles herself who informed colleagues that her phone had been compromised — a claim corroborated by CBS News sources. The hackers allegedly accessed her contact list, which includes phone numbers of influential figures and members of the U.S. leadership. Several of them reportedly received calls mimicking Wiles’ voice — likely generated using artificial intelligence — along with text messages from an unfamiliar number purporting to be her.
As White House spokesperson Anna Kelly explained to TechCrunch, it remains unclear whether the breach involved a cloud account linked to Wiles’ phone or was the result of a more sophisticated cyberattack — potentially involving state-sponsored spyware. The administration has stated that “the matter is under review” and emphasized that “cybersecurity for staff is a top priority.”
This is not the first instance of Wiles being targeted. In 2024, The Washington Post reported an attempted breach of her personal email by Iranian hackers. It was later revealed that the attack had succeeded, resulting in the theft of a dossier on J.D. Vance — then a vice-presidential candidate on Donald Trump’s ticket.
The incident involving Wiles is the latest in a growing series of leaks and security lapses that have plagued the Trump administration since its return to the White House. In March, it emerged that former National Security Advisor Michael Waltz had inadvertently added a journalist to a private Signal chat in which participants were discussing, among other things, plans for airstrikes in Yemen. It was later discovered that the participants were using a modified version of Signal — TeleMessage — a platform designed for archiving communications. That system, it turned out, had been compromised at least twice, resulting in the exposure of sensitive personal messages.