By DAVID KLEPPER, KONSTANTIN TOROPIN and BEN FINLEY
WASHINGTON (AP) — Defense Secretary Pete Hegseth put U.S. troops at risk by sharing sensitive plans about an upcoming military strike in Yemen on his personal phone, according to a Pentagon inspector general’s report made public Thursday that criticized the use of unapproved messaging apps and devices across the Defense Department.
Hegseth had the authority to declassify the material he shared with others in a Signal chat, the watchdog found. But it said the release of sensitive details about the strike on Houthi militants violated internal Pentagon rules about handling sensitive information that could put service members or their missions in danger.
The report noted that the information that Hegseth sent — the quantity and strike times of manned U.S. aircraft over hostile territory about two hours to four hours before those strikes — “created a risk to operational security that could have resulted in failed U.S. mission objectives and potential harm to U.S. pilots.”
“If this information had fallen into the hands of U.S. adversaries, Houthi forces might have been able to counter U.S. forces or reposition personnel and assets to avoid planned U.S. strikes,” the report said.
Hegseth’s use of the app came to light when a journalist, Jeffrey Goldberg of The Atlantic, was inadvertently added to a Signal text chain by then-national security adviser Mike Waltz. Hegseth also created another Signal chat with 13 people, including his wife and brother, where he shared similar details of the same strike.
The report’s nuanced findings — that Hegseth’s actions put troops at risk but that he had the right to declassify the material — are not likely to relieve the pressure on the former Fox News Channel host.
He also is facing scrutiny on Capitol Hill over a news report that a follow-up strike on an alleged drug-smuggling boat in the Caribbean Sea in September killed survivors after Hegseth had issued a verbal order to “kill everybody.” A Navy admiral who oversaw the operation disputed in a closed-door meeting with lawmakers Thursday that Hegseth gave such an order.
Hegseth wrote on social media about the inspector general’s report: “No classified information. Total exoneration. Case closed. Houthis bombed into submission.” It comes after Pentagon press secretary Kingsley Wilson this summer called the investigation “a witch hunt and a total sham and being conducted in bad faith.”
Watchdog weighs in on Hegseth’s use of personal device
Hegseth’s Signal messages included particulars about the timing and location of the attack as well as the types of weapons and aircraft to be used. He later said the information he shared was “informal, unclassified.”
The report noted that while Hegseth had the power to declassify the material in his position as defense secretary, Pentagon policy prohibits the use of personal devices or nonapproved commercial apps such as Signal to transmit “nonpublic or classified” material.
Signal uses end-to-end encryption to secure direct messages and group chats. This safeguard has made Signal an increasingly popular option for many people, not just national security officials.
Signal is considered more secure than other messaging, but it is not foolproof. Those using the service — and their devices — are vulnerable to phishing or other digital attacks based on impersonation. As Hegseth’s use of Signal shows, there are no controls on who can be added to group chats or what kind of sensitive material can be sent.
Hegseth rebuffed interview from investigators
The defense secretary declined to be interviewed for the watchdog’s review. In a one-page statement to the inspector general, Hegseth said he had the authority to declassify the information he was sharing on Signal and that there “was nothing classified in this text.”
“There were no locations or targets identified,” he wrote. “There were no details that would endanger our troops or the mission.”
Hegseth said he was only sharing “an unclassified summary” of operations and that the full details of what was happening were shared separately on a secure network used by the military.
The information he shared on Signal was limited to the “overt actions” of U.S. forces, which he said “would be readily apparent to any observer in the area.”
The revelations are drawing close scrutiny. Democratic lawmakers and a small number of Republicans said Hegseth’s posting of the information to the Signal chats before the military jets had reached their targets potentially put those pilots’ lives at risk.
Lawmakers also noted that if lower-ranking members of the military had acted similarly, they would have been fired or severely disciplined for failing to maintain operational security.
Improper use of personal devices called a department-wide issue
The inspector general’s office recommended better training on information security for Department of Defense employees. It also noted several earlier instances when personnel used personal devices or unapproved apps for government business, and said that was one reason its recommendations were not focused on Hegseth’s actions alone.
“We are not making any recommendations in this report related to the Secretary’s use of Signal to send sensitive nonpublic information because it represented only one instance of an identified, DoD-wide issue,” the investigators wrote.
In one example, investigators found that in the early days of the COVID-19 pandemic, some defense officials used personal phones or laptops or nonapproved video conferencing systems because the department did not have policies to support remote work.
The use of nonapproved devices and apps can also make it harder for officials to retain government records in compliance with the law, the report noted.
Congressional reaction breaks along party lines
The Republican and Democratic leaders of the Senate Armed Services Committee, who had requested the investigation earlier this year, offered notably diverging takeaways from the report.
Republican Sen. Roger Wicker of Mississippi, the chairman, said in a statement that it’s “clear from the reports that the Secretary acted within his authority to communicate the information in question to other cabinet level officials.”
But Wicker said senior leaders also need more tools to share classified information “in real time and a variety of environments.”
“I think we have some work to do in providing those tools to our national security leaders,” Wicker said.
Sen. Jack Reed of Rhode Island, the committee’s top Democrat, said Hegseth violated military regulations and showed “reckless disregard for the safety American servicemembers.”
“These were precise strike timings and locations that, had they fallen into enemy hands, could have enabled the Houthis to target American pilots,” Reed said in a statement, adding that anyone else would have faced “severe consequences, including potential prosecution.”
AP Congressional Correspondent Lisa Mascaro contributed to this report.