Experts debate whether top US officials should use Signal for sensitive communications

The recent leak of Houthi strike plans by the Trump administration to a journalist was not the result of a hack, but rather an apparent human error. The leak, which occurred on the messaging app Signal, has sparked a debate over whether sensitive military information should be communicated on a non-government platform.

Jeffrey Goldberg, editor-in-chief of The Atlantic, revealed that he was added to a group chat on Signal on March 11 by National Security Advisor Mike Waltz titled “Houthi PC small group.” The leaked conversation reportedly involved the nation’s top government officials, including the vice president, secretary of defense, director of the CIA, and others, discussing sensitive details of a planned strike on Houthi terrorists in Yemen.

The use of Signal, an encrypted messaging app, raised concerns about the security of such platforms. While encryption ensures that only the sender and receiver can view a message, experts warn that metadata could still be accessible. Additionally, screenshots and photos are not protected by Signal, and spyware could potentially intercept messages before or after encryption.

Government officials and journalists often use Signal to communicate sensitive information to avoid potential public disclosure under the Freedom of Information Act. However, transmitting controlled but unclassified information on Signal is explicitly prohibited by Defense Department policy.

In light of recent warnings from Google’s Threat Intelligence Group about efforts to compromise Signal accounts, concerns about the security of the platform have escalated. Close-access operations, where a threat actor gains brief access to a target’s unlocked device, pose a significant risk.

The leaked chat reportedly contained operational details of forthcoming strikes on Iran-backed Houthi rebels in Yemen, including information about targets, weapons, and attack sequencing. While the Trump administration has denied sharing classified information in the chat, critics argue that such a breach could violate U.S. laws on transmitting defense information.

The incident has raised questions about the security practices of government officials and the potential consequences of using non-government platforms for sensitive communications. The debate surrounding the leak of Houthi strike plans highlights the need for heightened cybersecurity measures and adherence to established protocols for handling classified information.