Ahead of the Signal leak, the Pentagon warned of the app’s weaknesses
Days before top national security officials accidentally included a reporter in a Signal chat about bombing the Houthi sites in Yemen, a Pentagon-wide advisory warned against using the messaging app, even for unclassified information.
“A vulnerability has been identified in the Signal messenger application,” begins the department-wide email, dated March 18, obtained by NPR.
The memo continues, “Russian professional hacking groups are employing the ‘linked devices’ features to spy on encrypted conversations.” It notes that Google has identified Russian hacking groups who are “targeting Signal Messenger to spy on persons of interest.”
In a statement to NPR, Signal spokesperson Jun Harada said, “We aren’t aware of any vulnerabilities or supposed ones that we haven’t addressed publicly.”
The Pentagon memo adds, “Please note: third-party messaging apps (e.g. Signal) are permitted by policy for unclassified accountability/recall exercises but are not approved to process or store non-public unclassified information.”
The encrypted Signal app is what Defense Secretary Pete Hegseth and other leading national security officials within the administration used to discuss bombing Houthi earlier this month. The Atlantic editor Jeffrey Goldberg was inadvertently added to the group and privy to the highly sensitive discussions.
In the military, sending classified data over insecure channels is called “slippage” when it’s considered minor, but even that can be a career ender for a military officer.
At least as far back as 2023, a DoD memo, also seen by NPR, prohibited use of mobile applications for even “controlled unclassified information,” which is many degrees less important than information about on-going military operations.
There’s almost no precedent for the heads of Defense, State, Intelligence and National Security to be sharing such sensitive military intelligence in a forum that was known to be unsecured.
NPR’s Bobby Allyn contributed to this story.
NPR disclosure: Katherine Maher, the CEO of NPR, chairs the board of the Signal Foundation.
Trump has rolled out many of the Project 2025 policies he once claimed ignorance about
Some of the 2025 policies that have been implemented include cracking down on immigration and dismantling the Department of Education.
U.S. lawmakers wrap reassurance tour in Denmark as tensions around Greenland grow
A bipartisan congressional delegation traveled to Denmark to try to deescalate rising tensions. Just as they were finishing, President Trump announced new tariffs on the country until it agrees to his plan of acquiring Greenland.
Can exercise and anti-inflammatories fend off aging? A study aims to find out
New research is underway to test whether a combination of high-intensity interval training and generic medicines can slow down aging and fend off age-related diseases. Here's how it might work.
The 2026 Olympics are the most widespread in history. See what’s happening where
Competitions will be hosted at 25 venues spanning an area of more than 8,000 square miles. Here's what's happening at each of the four main clusters.
High-speed trains collide after one derails in southern Spain, killing at least 21
The crash happened in Spain's Andalusia province. Officials fear the death toll may rise.
United Nations leaders bemoan global turmoil as the General Assembly turns 80
On Saturday, the UNGA celebrated its 80th birthday in London. Speakers including U.N. Secretary-General António Guterres addressed global uncertainty during the second term of President Trump.
