Yemen war secrets spilled? How a journalist ended up in a classified Trump group chat

In an extraordinary breach of national security, senior officials in President Donald Trump’s administration inadvertently shared classified military plans for airstrikes in Yemen with Jeffrey Goldberg, editor-in-chief of The Atlantic, via the encrypted messaging app Signal. The revelation has sparked bipartisan concern, raising urgent questions about cybersecurity practices within the highest levels of the U.S. government.

How Did the Breach Occur?

The incident unfolded when Goldberg received a connection request on Signal from an individual claiming to be National Security Adviser Mike Waltz. Shortly thereafter, he was added to a group chat labeled “Houthi PC small group,” which included high-ranking administration officials, including Vice President JD Vance, Defense Secretary Pete Hegseth, and Secretary of State Marco Rubio. Within the chat, members discussed imminent U.S. military action against Houthi targets in Yemen, sharing details on weapon systems, attack sequencing, and intelligence assessments.

Initially skeptical, Goldberg realized the chat was authentic as he watched the military operation unfold according to the messages. In an interview, he remarked, “It seemed completely absurd that the national security leadership of the United States would be coordinating a military strike on a messaging app—and yet, here we are.”

The Pentagon has since referred inquiries about the incident to the White House, which has acknowledged that the messages appear genuine. White House National Security Council spokesman Brian Hughes stated, “We are reviewing how an inadvertent number was added to the chain. The thread is a demonstration of deep and thoughtful policy coordination between senior officials.”

Encrypted Messaging and National Security: A Historical Perspective

The use of encrypted messaging apps like Signal among government officials is not unprecedented, but it has long been a source of controversy. While such apps provide end-to-end encryption, making interception nearly impossible, their use for classified communications violates standard government security protocols—a lesson drawn from past breaches.

Hillary Clinton’s use of a private email server while serving as Secretary of State dominated political discourse in 2016, with critics arguing that classified information was put at risk. Similarly, Jared Kushner and Ivanka Trump faced scrutiny for using WhatsApp to conduct White House business during Trump’s first term. More dramatically, in 2019, Ukrainian government officials were hacked via WhatsApp, allegedly by Russian operatives, exposing sensitive diplomatic discussions. The Yemen war plans incident follows a pattern of high-ranking officials disregarding secure government channels, heightening concerns that adversaries could exploit such vulnerabilities.

Why Was Signal Used for Military Planning?

Signal is favored among officials, journalists, and activists for its end-to-end encryption, which prevents third parties—including governments—from intercepting messages. However, the use of an unapproved platform for sensitive military planning is highly irregular, if not outright reckless.

Classified U.S. government communications are typically conducted via SIPRNet (Secret Internet Protocol Router Network) for secure military and diplomatic communications, JWICS (Joint Worldwide Intelligence Communications System) for top-secret intelligence sharing, and GovCloud and classified email systems for secure government-to-government messaging. That such critical conversations occurred on Signal rather than these approved, highly secure systems raises serious questions about the administration’s adherence to cybersecurity policies.

What Were the Consequences of the Leak?

While the Houthi military operation was ultimately deemed successful, critics argue that the exposure of real-time deliberations—down to weapons, timing, and intelligence—could have jeopardized national security and the safety of U.S. personnel.

Political Fallout

The disclosure has drawn severe criticism from both parties. Democratic lawmakers have called for immediate investigations, labeling the lapse as “reckless” and “one of the most stunning breaches of military intelligence in recent memory.” Senate Democratic Leader Chuck Schumer called for a “full-scale probe,” warning that adversaries could exploit such vulnerabilities. Republican lawmakers, while less vocal, have acknowledged the issue. House Speaker Mike Johnson stated, “It was a mistake. The administration has acknowledged it and will tighten up procedures.” However, he dismissed calls for Defense Secretary Hegseth’s resignation.

Legal and Security Implications

From a legal perspective, the inadvertent disclosure of classified military plans could constitute a violation of the Espionage Act and the Federal Records Act. The use of disappearing messages on Signal may also be in violation of federal transparency laws, which require government communications to be archived. While no formal charges have been announced, security analysts argue that the breach underscores the dangers of informality in high-level government decision-making.

Past Security Breaches and Their Lessons for the U.S. Government

The Yemen incident is the latest in a series of security failures that have plagued multiple U.S. administrations. Edward Snowden’s 2013 NSA leaks exposed mass surveillance programs, revealing vulnerabilities in how intelligence was safeguarded. WikiLeaks’ 2017 Vault 7 disclosures released CIA hacking tools, demonstrating the risks of digital leaks. The 2020 SolarWinds cyberattack, attributed to Russian hackers, infiltrated U.S. government agencies by exploiting weaknesses in software supply chains.

Each of these cases underscored the need for stricter cybersecurity protocols and reinforced the importance of secure communication within government operations.

What’s Next? Calls for Reform and Stricter Protocols

In response to the crisis, the White House has announced a review of how the breach occurred and plans to introduce stricter communication policies for senior officials. Security experts argue that government officials must use authorized channels for classified discussions, there should be stricter vetting of communication tools like Signal, and legislation may be required to explicitly outlaw the use of disappearing messages for government business.

Former military officials have stressed the need for mandatory cybersecurity training for high-ranking officials to prevent such lapses in the future. The Biden administration previously sought to improve federal cybersecurity protocols following the SolarWinds breach, but the Yemen war plans incident suggests these efforts have not extended to senior officials in the Trump administration.

A Wake-Up Call for U.S. Cybersecurity

The inadvertent inclusion of a journalist in high-level military deliberations serves as a stark reminder of the vulnerabilities within the U.S. government’s communication practices. The Yemen war plans exposure underscores the risks of using unapproved platforms for sensitive discussions, revealing security gaps that adversaries could exploit.

With investigations underway and mounting pressure for accountability, the incident may prompt long-overdue reforms in cybersecurity policy—but whether these measures will be enough to prevent future breaches remains uncertain.