NSA Warned About Signal Vulnerabilities Before Houthi Strike Chat Leak
In February 2025, a month before an explosive article revealed the accidental disclosure of war plans in a Signal chat group, the National Security Agency (NSA) issued a special bulletin to its employees warning about vulnerabilities in the encrypted messaging application.
The bulletin, obtained by CBS News, highlighted the potential for Russian hacking groups to use phishing scams to gain access to encrypted conversations on Signal, bypassing its end-to-end encryption. It also emphasized that third-party messaging applications like Signal and WhatsApp should not be used for communicating sensitive information.
This warning came to light following an article published in The Atlantic detailing how Defense Secretary Pete Hegseth inadvertently disclosed war plans to the publication's editor-in-chief, Jeffrey Goldberg, in a Signal chat group two hours before the U.S. military launched attacks against Houthi militia in Yemen. The article claimed that Hegseth's messages included "precise information about weapons packages, targets, and timing."
While both National Intelligence Director Tulsi Gabbard and CIA Director John Ratcliffe, who were also in the Signal group chat, denied sharing classified material, the NSA bulletin underscores the importance of using secure communication channels for sensitive information. The incident has sparked renewed debate about the security of popular messaging applications and the potential for vulnerabilities to be exploited by malicious actors.