So, Pentagon officials got a heads-up this month about not using Signal for official stuff. But when it came to keeping war plans under wraps, it didn’t go so well.
Messages detailing the air strikes on Houthi rebels were shared with The Atlantic journalist Jeffrey Goldberg
On March 24, Jeffrey Goldberg from The Atlantic somehow ended up in a Signal group chat—by accident. And not just any chat. This one had people from Trump’s administration, casually discussing plans for airstrikes on the Houthi rebels in Yemen.
RELATED STORIES
Goldberg wrote about it, laying out how he saw the messages and realized what was going on. Then, just a few hours later, the attack actually happened.
Now, it’s been revealed that government workers were warned about Signal prior to the release of Goldberg’s article
Before The Atlantic even published Goldberg’s article, a department-wide advisory went out, flagging a ‘vulnerability’ in the app. Problem is, the email was sent three days after the Yemen airstrikes and a full five days after Goldberg accidentally got added to that chat. It was too late.
Just like WhatsApp, Signal is an open-source, encrypted messaging service
In his article, Goldberg pointed out that Signal is really popular with journalists and anyone who wants more privacy than regular messaging apps can offer. That’s probably why government officials felt comfortable using it for pretty sensitive conversations.
In the warning, which has been obtained by NPR, the Pentagon wrote
“A vulnerability has been identified in the Signal Messenger Application. Russian professional hacking groups are employing the ‘linked devices’ feature to spy on encrypted conversations.”
The email also mentioned that Google had flagged Russian hackers actively targeting Signal to spy on certain people.
The March 18 email wasn’t the only warning staff had received about Signal, though
Turns out, the March 18 email wasn’t the first time staff got a heads-up about Signal.
According to NPR, there was already a memo back in 2023, warning against using Signal for any nonpublic official info.
In his article, Goldberg claimed the messages contained information
Goldberg, on the other hand, saw things differently. In his article, he said the messages had info that “could conceivably have been used to harm American military and intelligence personnel.”
He didn’t share the exact details, though.
In response to news of the Pentagon’s warning, a spokesperson for Signal told NPR
A spokesperson from Signal told NPR that the email wasn’t actually about any security flaw in the app itself. Instead, it was more of a heads-up about phishing attacks—where hackers try to trick people into giving up sensitive info.
“Once we learned that Signal users were being targeted and how they were being targeted, we introduced additional safeguards and in-app warnings to help protect people from falling victim to phishing attacks. This work was completed months ago,” said Signal’s Jun Harada.
