An astonishing national security breach has come to light: top U.S. officials accidentally included a journalist in a Cabinet-level Signal group chat debating and plotting military strikes. The Atlantic’s editor-in-chief, Jeffrey Goldberg, reported that on March 15, he was unknowingly added to a Signal messaging thread – intended for senior Trump administration officials – discussing highly sensitive plans to bomb Houthi targets in Yemen. In Goldberg’s words, “Pete Hegseth, the secretary of defense, had texted me the war plan at 11:44 a.m. The plan included precise information about weapons packages, targets, and timing.” Two hours later, explosions rocked Sanaa, Yemen’s capital, confirming that the incredible messages were authentic. This wasn’t a hoax or hack – it was a monumental mistake: a journalist had a front-row seat to live war plans due to an erroneous group chat invite.

The Atlantic’s report details a scenario that reads like political satire. Goldberg describes how a Signal chat named “Houthi PC small group” was created by National Security Adviser Michael Waltz to coordinate a military response against Iran-backed Houthi militants. The participants were cabinet-level officials – the Principals Committee – including Secretary of Defense Pete Hegseth, Secretary of State Marco Rubio, Vice President J.D. Vance, and others. Goldberg’s number had been added by mistake, so he witnessed discussions that should have been highly classified. In one post, Hegseth shared operational details of forthcoming strikes on Yemen, including information about targets, weapons the U.S. would be deploying, and attack sequencing, a level of detail Goldberg rightly called “shocking recklessness.” No one noticed the Atlantic editor lurking silently in this virtual Situation Room. By the time Goldberg excused himself from the chat, he had seen enough to identify multiple officials and even observe them congratulating each other with prayer hands and American flag emojis once the strikes hit their targets.

It’s Not the App’s Fault—It’s How The Officials Used It

It’s important to clarify: this fiasco is not an indictment of Signal as a platform. Signal is a highly secure, end-to-end encrypted messaging app favored by journalists (including Breaking Discourse’s team), activists, and politicians for its strong privacy protections. The app did not malfunction or “leak” anything – the confidentiality breach occurred because government officials misused the tool inappropriately. As The Atlantic notes, “It is not uncommon for national security officials to communicate on Signal. But the app is used primarily for meeting planning and other logistical matters—not for detailed and highly confidential discussions of a pending military action.” In other words, Signal is meant to secure routine conversations. However, it was never intended to handle the real-time planning of military operations, especially by officials with access to far more secure channels. The blame lies squarely with those officials and their communication practices, not with the encrypted app that happened to be the medium.

Breaking Discourse relies on Signal for sensitive communications – we know it’s a robust tool when used correctly. However, no encryption app can compensate for poor judgment. What happened here was operator error of the highest order: adding an unintended participant (a journalist, no less) to a classified discussion. The result was a self-inflicted leak. Indeed, after Goldberg’s exposé, a National Security Council spokesman confirmed the Signal thread’s authenticity and admitted an “inadvertent number was added to the chain.” The platform did its job (delivering messages securely) – the users of Signal, however, failed spectacularly by treating it as a secure conference room to debate and share military war plans. As one former U.S. official observed, “The Signal app is not approved by the government for sharing classified information. The government has its systems for that purpose.” Encryption apps like Signal help people protect themselves against external eavesdropping. Still, they don’t magically turn ordinary smartphones into classified networks for government officials to fend off sophisticated cyberattacks by adversaries. The Atlantic’s scoop is a wake-up call that the weakest link in secure communication is often human error, not the technology itself.

Personal Phones vs. Secure Facilities (SCIFs)

The most alarming aspect of this incident is how casually senior officials bypassed established security protocols. American war planning “usually takes place in highly secure facilities,” The Atlantic’s social media post dryly noted. Sensitive Compartmented Information Facilities (SCIFs) exist precisely so that classified discussions and planning happen in a sealed, monitored environment, not in a group chat on personal devices. In this case, officials who know better chose to use their phones and a private messaging app to coordinate a military strike. Their decisions are mind-boggling, given that most Cabinet-level national security officials also have SCIFs installed in their homes for this purpose.

Why are SCIFs so critical? Because they are designed to handle classified information safely, they block electronic surveillance, control who can enter, and prohibit unauthorized devices. By contrast, texting on Signal from a regular phone, even an encrypted app, is rife with potential vulnerabilities. Security experts pointed out that if these officials’ phones had been lost, stolen, or compromised by malware, hostile intelligence could have read the war plans in real-time. It’s chilling to consider that top Trump officials might have been walking around in public, phones in hand, casually chatting about imminent airstrikes. That scenario is a spy’s dream and a security nightmare. Encryption protects the message in transit, but once it’s on your device, it’s only as secure as your phone is. Any lapse – a phishing attack, insider theft, or worse – could have exposed this operation to adversaries.

Equally perplexing is that these officials had full access to secure government communications channels but seemingly opted not to use them. The U.S. government maintains classified phone lines, secure video conferences, and encrypted email systems specifically for urgent military and diplomatic coordination. Choosing a consumer app for something as sensitive as war plans suggests a profound lapse in judgment – or worse, a deliberate attempt to circumvent official channels. The Atlantic report even raises the question of legality: by “coordinating a national-security-related action over Signal,” Waltz and his colleagues “may have violated several provisions of the Espionage Act,” according to national-security lawyers consulted. This would be because “information about an active military operation” qualifies as protected national defense information, and putting it on an unofficial channel could meet the definition of unauthorized transmission. While only an investigation can determine if criminal charges are warranted, the fact that legal questions of Espionage Act violations are on the table shows how severe this misconduct was.

There is no excuse for cabinet officials to handle top-secret military plans as if they were coordinating a lunch meeting since secure facilities and networks exist for a reason. If officials find stepping into a SCIF or using a secure phone inconvenient, that’s too bad – that inconvenience is a cornerstone of national security. It’s far better than the alternative we just witnessed. As one expert admonished, “If officials want to discuss military activity, they should go into a specially designed space known as a SCIF — or communicate only on approved government equipment.” The failure to do so here is indefensible and dangerous.

Auto-Deleting Messages vs. Federal Records Law

Beyond the immediate security risks, this Signal chat scandal blatantly disregards federal record-keeping laws. Under the Presidential Records Act (for the White House) and the Federal Records Act (for agencies), official communications must be preserved – even if they occur on personal accounts or devices. Deleting or failing to archive such messages is illegal. The Atlantic report highlights that some messages in the group were set to “disappear” after a week or a month. In other words, the National Security Adviser (or whoever managed the chat settings) programmed the conversation to auto-erase itself, effectively thwarting any record of the discussion unless someone manually saved it.

This flies in the face of explicit federal policy. Records experts are unequivocal on this point: “Under the records laws applicable to the White House and federal agencies, all government employees are prohibited from using electronic messaging applications such as Signal for official business unless those messages are promptly forwarded or copied to an official government account,” explains Jason R. Baron, a former director of litigation at the National Archives. He further emphasizes, “Intentional violations of these requirements are a basis for disciplinary action.” In plain terms, if White House or Defense Department personnel insist on using Signal or WhatsApp or any private messenger to conduct government business, they are legally required to preserve those communications (for example, by saving screenshots or forwarding to their .gov email). It appears none happened here – quite the opposite; the participants actively enabled auto-delete. That is a direct violation of the spirit and letter of the Presidential Records Act, which ensures transparency and a historical record of a president’s (and his aides’) actions. Baron also noted that agencies like the DoD strictly limit classified info messaging to approved secure networks. So, these officials violated multiple rules at once: handling classified data on unapproved systems and erasing the evidence of it.

Consider the implications: if Jeffrey Goldberg hadn’t been accidentally included and blown the whistle, there might be no record of top officials deliberating the military strike. There would be no logs for the National Archives, no paper trail for congressional oversight, and nothing to inform future historians or investigators. This is precisely the outcome the Presidential Records Act is designed to prevent. We expect such behavior from mobsters using burner phones, not from the upper echelons of the U.S. government, who are legally obligated to document their decisions.

This incident is why Congress must now step in forcefully. The National Archives and Records Administration (NARA) should already be involved since any presidential or vice-presidential records (e.g., Vice President Vance’s messages and NSC communications) fall under their purview. Congressional oversight committees should subpoena the participants’ devices and any remaining message data to reconstruct and preserve what was discussed. It’s worth noting that simply deleting messages doesn’t always make them irretrievable – forensic recovery might be possible if devices are obtained quickly. But that requires urgency and assertiveness from oversight bodies. Any hesitation or foot-dragging only increases the chance that crucial evidence will be lost (if it isn’t already given the auto-deletion).

The law demands that government business be archivable and accountable via official email or an impromptu Signal chat. In 2014, after controversy over officials using private email, regulations were strengthened to mandate forwarding any such communications to official systems within 20 days. It appears the Trump team in 2025 utterly ignored these rules. Allowing this to go unchecked would set a terrible precedent: it would signal to future administrations that they can skirt transparency by simply moving discussions to disappearing message apps. Congress cannot allow the Presidential Records Act to be flouted in broad daylight, especially not on matters of war and peace.

Demanding Accountability and Congressional Oversight

This incident doesn’t just call for quiet internal reviews; it screams for full congressional investigation and accountability. We have here a perfect storm of potential misconduct: mishandling of classified information, possible violations of the Espionage Act, violations of federal records laws, and a lapse that gave a journalist (and could have given foreign adversaries) access to secret war plans. If that doesn’t merit congressional hearings, what does?

At a minimum, Congress should haul in the officials involved to testify under oath about their use of personal devices and encrypted apps for official business. Questions that need answering include: Why did they opt for a Signal group chat instead of secure communications? Who added the outsider’s number (and how did such a “mistake” occur)? Were they aware this might violate records retention laws? Did they take any steps to preserve the chat history as required by law? Through its representatives, the American public has a right to these answers. National security decisions of this magnitude must be subject to oversight, not hidden behind self-destructing messages.

Encouragingly, there are signs of scrutiny. While defensive, the National Security Council spokesperson’s statement acknowledged that the issue is being “reviewed.” (The NSC notably tried to spin the debacle as “deep and thoughtful policy coordination” with “no threats to national security”, an almost farcical attempt to downplay the breach.) However, internal review by the NSC or White House is insufficient, especially when the administration’s first instinct is to minimize the incident. This needs independent oversight, free from partisan spin. Ideally, a bipartisan select committee or an empowered oversight subcommittee would take charge. If the current House majority is reluctant because the scandal involves their own party’s administration, the Senate or even a special commission should step up. Laws are only as good as their enforcement. These officials have treated the Presidential Records Act and classification rules as optional; Congress must emphatically remind them they are not.

Furthermore, accountability should not stop at fact-finding. If investigations confirm that laws were broken, there must be consequences. That could range from administrative sanctions (stripping clearances, firing officials who egregiously violated protocols) to referrals for criminal prosecution if warranted. For instance, if it’s proven that officials knowingly circumvented secure systems and failed to preserve records, they could face charges under 18 U.S.C. §2071 (which makes willful removal or destruction of federal records a crime) or other statutes. Short of prosecution, Congress could consider legislative fixes – for example, explicitly banning auto-delete features for any official communications or raising penalties for non-compliance with record-keeping on encrypted apps.

Critics might argue that demanding officials eschew apps like Signal entirely is unrealistic. Indeed, as noted, many officials use such apps for harmless, unclassified coordination (e.g., scheduling meetings or chatting abroad). That isn’t problematic as long as those communications are archived or trivial, but the issue is when they use these tools to hide or shortcut around established safeguards. This Signal war chat case is a textbook example of why robust oversight is needed – to draw a clear line and hold officials to it. If Congress were willing to conduct multiple investigations into Hillary Clinton’s emails and even the use of personal phones by past officials, they ought to apply equal or greater scrutiny here, given the stakes.

A Stark Double Standard: “But Her Emails” Revisited

The irony of this situation is impossible to ignore. Many of the figures involved in or defending this Signal scandal were outspoken critics of Hillary Clinton’s use of a private email server – yet now they are downplaying a breach arguably far more dangerous. The hypocrisy on display is jaw-dropping. Recall that in 2016, Donald Trump and his allies turned “But her emails” into a rallying cry, painting Clinton as “Cooked Hillary,” and alleging she was criminally negligent for using a private email system (even though an FBI investigation found no chargeable offense). Trump’s base chanted “Lock her up!” at rallies, and Trump himself said that if anyone else had done what Clinton did, “they’d be in jail.” Fast forward to 2025, and here we are with Trump’s administration officials not only using unofficial channels – they effectively leaked real-time war plans to an outsider. By Trump’s 2016 standard, one would expect righteous fury – yet from the GOP, we hear primarily crickets or contorted excuses.

Take Defense Secretary Pete Hegseth, who posted the war plan in the Signal group chat. Hegseth is a former Fox News personality who excoriated Clinton back in the day, “If it was anyone other than Hillary Clinton, they would be in jail right now,” referring to her email server. He also argued that “any security professional” who mishandled classified info like she did “would be fired on the spot.” Those quotes have aged poorly. Not only has Hegseth not been fired for his role in this incident, he’s lashing out at The Atlantic. When pressed by reporters after Goldberg’s report, Hegseth did not express remorse or refute the facts. Instead, he attacked Goldberg, calling him “a deceitful and highly discredited so-called journalist who’s made a profession of peddling hoaxes.” This ad hominem deflection rings hollow, especially since the National Security Council has officially confirmed the Signal chat was authentic. Hegseth’s response exemplifies the current attitude: rather than owning up to the severity of the misconduct, Trump-world figures are shooting the messenger and pretending it’s a non-issue.

Then there’s the right-wing media sphere. Fox News, which devoted endless coverage to Clinton’s emails, has been remarkably subdued or defensive about this Signal scandal. Sean Hannity – one of Fox’s loudest Clinton critics – previously called for her to be jailed over the email matter. But now, with Trump’s inner circle under scrutiny, Hannity has dismissed The Atlantic’s exposé as a “smear”. The sudden change in tune is comical. Despite corroboration by the NSC, we also saw conservative pundits minimize the leak, focusing instead on conspiratorial claims that Goldberg’s reporting can’t be trusted. It’s the height of hypocrisy: when a Democrat was involved, they treated mishandling of information as treason; when their team does it, it’s a nothing burger or a partisan hit job.

Even Hillary Clinton herself could not resist a wry response. After news of the Signal chat broke, the former Secretary of State delivered a seven-word zinger on social media that underscored the irony: “You have got to be kidding me.” Clinton’s point was clear: those who vilified her are now caught doing far worse. As some observers quipped on social media, Clinton is arguably “the most vindicated person in the world” this week.

To be clear, the reason for highlighting the double standard is to demand consistency in treating breaches of transparency and security. If it was wrong for Hillary Clinton to use a private email server (something that, for all its faults, forensic evidence shows never resulted in a foreign adversary intercepting state secrets), it is exponentially more wrong for current officials to use disappearing encrypted chats to deliberate and disseminate live operational military intel. By any objective measure, the Signal group chat fiasco is more egregious as Clinton’s emails were primarily retroactively classified and concerned past communications. In contrast, this chat involved active war plans and immediate risk. Yet the people who fumed about emails in 2016 are now urging us to move along, “no big deal.” That cannot stand. Public servants must be held to the same standards regardless of party affiliation. Anything less is pure partisan cynicism that erodes trust in government.

Secure Apps Need Responsible Users, Not Bans

Where do we go from here? Some might be tempted to ban officials from using apps like Signal altogether. That would be an overreaction and counter-productive. Encrypted messengers have legitimate uses in government – to protect routine discussions from hacking (especially when officials travel) and to communicate quickly. The lesson of this scandal is not that the technology is bad but that our leaders must use it responsibly and abide by the bounds of law and policy. In other words, please don’t throw out the secure messaging app; throw the book at those who abused it.

The Atlantic’s exposé should prompt immediate reforms in how officials are trained and authorized to use encrypted communications. Agencies might issue clarified guidelines, e.g., “Signal may only be used for unclassified administrative coordination. It must not be used to transmit operational plans or classified information. And all official discussions must be archived.” The White House could implement technical solutions too – perhaps dedicated secure chat apps that log conversations to official servers (some agencies have experimented with this). But ultimately, no policy works without a culture of accountability. This means leaders are setting the tone for transparency and security protocols to be respected and for violations not to be swept under the rug due to political convenience.

Right now, we have a worrying example of lack of accountability: so far, no one has resigned or been fired for this blunder; instead, we’ve seen defiance and denial. That needs to change. If high-ranking officials face no consequences, it will send a loud message that circumventing rules is tolerated. Conversely, a strong response – say, removing an official central to this debacle – would reassert essential principles: that no one is above the law, and that safeguarding national security information is a sacred responsibility. Even for those who remain in their posts, Congress and inspectors general can mandate remedial actions (like security training or compliance monitoring).

The Signal group chat fiasco is a severe governance failure that demands a serious response. It’s not about demonizing encrypted messaging; it’s about demanding that our officials not use technology as a loophole to avoid transparency or chain-of-command security. The Presidential Records Act and other federal laws exist to prevent exactly what happened here – secretive deliberations with no accountability and potential security breaches. If necessary, those laws must be enforced and updated to cover modern communication tools.

Our leaders should not conduct the people’s business in the shadows, nor jeopardize national security through convenience or arrogance. Encrypted apps like Signal can be part of the government toolbox, but only with strict adherence to rules and plenty of oversight. What happened on March 15 was a profound failure to meet that standard. Now it falls to Congress, the National Archives, and ultimately the public to ensure such recklessness is not repeated – and that those responsible are held accountable. In the end, sunlight and accountability are our best security features in a democracy. The officials involved must learn that no app can shield them from the consequences of bad behavior, and the era of “disappearing” government business must disappear for good.