We are more vulnerable than ever to a cyber attack. Cybersecurity is national security. We must continue to invest in CISA’s workforce, strengthen our defenses against cyberattacks, and remain the leaders of AI into the future.
https://t.co/kRMUAG71Al
As a former chair of the House Intelligence Committee, a few things leap out at me in reading the full Signalgate text chain:
First, the specificity with which they identify one of their targets.
They refer to him as “the top missile guy,” and also reveal that they know where he is located: “his girlfriend’s building.”
Hegseth outlines exactly what military platforms will be used to carry out the strikes and also makes clear this is “the first target,” which suggests there could be more targets.
This means anyone with access to this non-secure thread could tip off the Houthis to immediately change their activity to evade being targeted next.
Details like this should have been classified, because the public revelation of them could reveal sources and methods.
Houthis will now try to determine how we would know the identity of the target and their whereabouts, and other adversaries will examine this closely to understand our methods.
If these details had leaked in real time — and thanks to Jeffrey Goldberg for delaying their revelation — we also would have lost the opportunity to strike the targets.
Second, the wide disparagement of our European allies is another reason this chat should not have been undertaken on a commercial app. The response from Europe was immediate yesterday.
The disclosure has naturally inflamed our allies and further embittered them against the United States. Again, these are our allies.
Third, in the chain, Vance suggested postponing the operation, and Hegseth responds: “2 immediate risks on waiting: 1) this leaks, and we look indecisive.”
This again highlights how irresponsible it was to use a commercial app to discuss a potentially imminent attack. Had Goldberg decided to publish the text chain when he first received it — or the operation been postponed and the chat revealed — the targets would have fled.
Hegseth later assured the others on the chat: “But, we can easily pause. And if we do, I will do all we can to enforce 100% OPSEC. I welcome other thoughts.”
Operational security (or OPSEC) refers to the process of ensuring that sensitive information like this text chat doesn’t fall into the wrong hands and compromise the mission.
Of course, this was not 100% OPSEC.
The chat was on a commercial platform that DoD knew at the time to be vulnerable. Two participants were overseas — one of them apparently in Russia — using unknown devices to communicate. And a journalist was receiving every word.
In the text chain, Hegseth invited additional thoughts. Here’s one:
You didn’t enforce 100% OPSEC — far from it — and you should resign.
Tim Miller: "There was a covert CIA operative named in the thread, right?"
Jeffrey Goldberg: "Yes, and I withheld her name... I didn't put it in the story because she's under cover. But, I mean, the CIA Director put it into the chat."
I see stories misstate the protection that Signal's end-to-end encryption offers. E2E encryption only protects texts in transit - not texts stored on your device. If someone hacks your device or gets physical access to it, they can read all sent/received texts that are on the device.
Signal’s encryption is irrelevant to the discussion. The real problem with sharing Top Secret data over Signal is not the security of the app, it’s the security of the phone. And mobile phones are not secure against state-level threat actors.
President Trump’s attempt to use the wartime law, Alien Enemies Act of 1798, to deport noncitizens without due process is yet another unlawful and brazen power grab.
Read my full statement with @SenatorDurbin, @SenBooker, and @SenPeterWelch below:
STRONG RECOMMENDATION -
If you are a CISO and you have a 3rd party (Automation, AI, Analytics) that uses Sisense or you SUSPECT uses Sisense, INSIST on an impact statement NOW.
I can 100% guarantee there are a lot of you with impact.
Your data was accessed by a threat actor.
Twitter seems to leak a birthday (confirmed birthday listed on account by user) that is supposed to be hidden on the account here.
Consider removing birthday from Twitter to avoid it being accidentally made public (when it's marked as private on the account) from this potential bug.
Looking for a comprehensive introduction to fuzzing with AFL++?
Check out my new video where I explain how to do it, by fuzzing libwebp with regular AFL++ and AFL++ persistent mode.
Excellent blog post for learning Linux (Android) kernel exploitation
(Analysis and exploitation of CVE-2017-11176)
Credits @Firzen14 (@bluefrostsec)
https://t.co/9Ts5ooPL0p
#Linux #android #cybersecurity