
The personal contact information of key national security advisors to former U.S. President Donald Trump has surfaced publicly on the internet. Journalists from the German outlet DER SPIEGEL uncovered mobile phone numbers, email addresses, and even passwords belonging to high-ranking officials.
To obtain the data, reporters relied on commercial search engines and databases of compromised user information. Among those affected were National Security Advisor Mike Waltz, former Congresswoman Tulsi Gabbard, and Secretary of Defense Pete Hegseth.
Many of the phone numbers and email addresses appeared to still be active. They were linked to profiles on Instagram* and LinkedIn, used for registering accounts with Dropbox and fitness tracking apps, and were associated with WhatsApp and, in some instances, Signal accounts.
The article underscores profound flaws in U.S. security infrastructure, suggesting that the public availability of personal data belonging to Trump’s advisors could allow hostile intelligence agencies to deploy spyware and compromise their devices. Consequently, it is conceivable that foreign operatives may have had access to a Signal group chat where Gabbard, Waltz, and Hegseth allegedly discussed potential military strikes.
According to The Atlantic, Gabbard, Waltz, Hegseth, CIA Director John Ratcliffe, and other officials used Signal to deliberate plans for a strike against Houthi forces in Yemen. These discussions reportedly included classified intelligence and detailed operational strategies, with Waltz even adding a magazine editor to the chat.
DER SPIEGEL journalists obtained Pete Hegseth’s phone number and email address through a commercial data broker—typically employed by companies for sales, marketing, and recruitment. Mike Waltz’s details were sourced from the same provider, with his phone number also appearing in a popular U.S.-based people search engine. Several passwords tied to Waltz’s email address were discovered in leaked databases.
Tulsi Gabbard had taken more precautionary measures. She had opted out of commercial search platforms, yet her email address still surfaced on WikiLeaks and Reddit.
Cybersecurity expert Donald Ortmann warned that the exposed data could be leveraged in phishing campaigns or used to infiltrate email accounts, messaging platforms, and payment systems. Once compromised, such accounts could serve as vectors for spyware deployment, surveillance of private communications, and even political blackmail.
The U.S. Department of Defense did not respond to requests for comment. A spokesperson for the National Security Council stated that Mike Waltz’s passwords had been changed before he entered Congress in 2019. The Office of the Director of National Intelligence noted that Tulsi Gabbard’s personal data had been compromised nearly a decade ago, and that she had not used the implicated platforms for years, having changed her passwords repeatedly.