Trump administration officials accidentally shared planning for combat action with a reporter, and it’s exactly the type of failure that military leaders have long feared — one that comes from sloppy OPSEC and smartphones.
Using Signal, a popular secure messaging app that is encrypted though not impenetrable, Secretary of Defense Pete Hegseth, National Security Advisor Mike Waltz, Vice President JD Vance, and other top officials discussed key details related to pending US airstrikes against Houthi militants in Yemen, including weather, assets involved, and timing.
What the group failed to recognize is that one chat member was actually the top editor of The Atlantic magazine.
“We are currently clean on OPSEC,” Hegseth wrote in the group chat just below an operational timeline that identified the types of planes involved and strike start times.
Two OPSEC violations are apparent from the chat.
Most obviously, sensitive military topics were openly discussed with an individual without a “need to know” and presumably without an appropriate security clearance. Second, that operational information was transmitted over an unsecured line, vulnerable to enemy hacking.
Cellphones with cameras have long been a threat to military operations. Even clumsy use can expose secret military systems or disclose coming military action.
What is OPSEC?
Operational security, known by most troops and government workers as OPSEC, is the management and control of sensitive information to prevent it from falling into the wrong hands.
Good OPSEC practices can include obvious things, like encrypting HR emails containing troop social security numbers or home addresses, and more advanced practices, such as ensuring only select personnel are “read in” on special intelligence areas, limiting leak potential.
Former Trump Secretaries of Defense Jim Mattis and Mark Esper each enacted guidance to clamp down on leaks during their respective tenures, though those faced criticism and concerns about maintaining military transparency. In one training, the press was identified as an adversary.
OPSEC is tremendously important to military operations. There have been countless OPSEC campaigns within the military to boost understanding of proper discipline.
Service members must complete OPSEC training annually, usually in the form of online courses, to mitigate potentially harmful disclosures, which can result in severe punishments.
The White House has denied that the messages were “war plans” and that any classified material was shared. President Donald Trump has signaled that his national security advisor, who added The Atlantic editor Jeffrey Goldberg to the Signal chat according to chat logs, has his confidence and will keep his job.
“Michael Waltz has learned a lesson, and he’s a good man,” the president told an NBC reporter.
Last week, the US Marine Corps’ top general, Gen. Eric Smith, warned Marines in a video posted to social media that sloppy cellphone OPSEC, such as sending messages across unsecured lines with certain actionable details, might mean death in combat situations, as that information could be monitored by foes.
“If you can be sensed, you can be targeted,”Smith said in the video. “And if you can be targeted, you can be killed.”
Days before The Atlantic’s story on the Signal chat published, the Pentagon released new guidance warning troops of Signal’s vulnerability. The app’s popularity amongst high-ranking officers and government officials seems to have marked it as an attractive target for professional hacking groups, the memo said.
Deeply concerning
While Hegseth refuted the idea that the chat thread contained actual OPSEC violations, information such as timelines and weather conditions can also be considered sensitive information and security violations, and they have been identified as such in military classification documents.
A Pentagon official told Reuters that the contents of the chat were believed to be classified.
The DoD’s new “Rapid Response” account on X also refuted claims that the reported Signal chat was a noteworthy OPSEC violation, writing: “No names. No targets. No locations. No classified info. No war plans. Just an update in real time,” the account said.
Left off that list included things like time on target and strike packages.
These unintentional disclosures, which involved more than just combat details, including disparaging European allies, have notably alarmed congressional leaders, including Republicans.
NEW: After @TheAtlantic releases full Signal text chain, two @HASCRepublicans subcommittee chairmen react.@RepDonBacon, R-Neb., said: “The White House is in denial that this was not classified or sensitive data. They should just own up to it and preserve credibility.”
— Scott Wong (@scottwongDC) March 26, 2025
Sen. Lisa Murkowski, a Republican from Alaska, wrote on X that Trump administration officials’ “disregard for stringent safeguards and secure channels could have compromised a high-stakes operation and put our servicemembers at risk.”
She said she hopes “this serves as a wake-up call that operational security must be a top priority for everyone—especially our leaders.”
Former military leaders have raised concerns as well.
“Had that been a bunch of Majors & Lieutenant Commanders coordinating an attack, they’d all get fired and probably subject to criminal prosecution,” said retired US Army General Barry McCaffrey, referring to the adage within the military that there are “different spanks for different ranks.”
For many troops, especially junior enlisted, OPSEC violations can result in punitive action and even jail time.
Other veterans familiar with OPSEC training and the seriousness of such violations have taken to meme roasts, mocking officials like Hegseth and Vance, both youthful military veterans who presumably had to do the same OPSEC training as everyone else.
The Pentagon and the White House directed Business Insider to previous statements when reached for comment, adding they “have nothing further to add.”
Read the full article here
