Washington — Soon after the revelation that the editor-in-chief of The Atlantic had inadvertently been added to a Signal chat with top Trump administration officials about Yemen attack plans, some of those officials began changing or deleting their Venmo accounts. At least one account remained public for a day after the Atlantic report.
Venmo, an Internet-based mobile payment service owned by PayPal that allows users to send and receive money quickly, also allows the public to view users’ contacts if they do not change their privacy settings.
National security experts contend the public information could be exploited by foreign intelligence services or other nefarious actors.
According to screenshots obtained by CBS News, White House national security adviser Michael Waltz’s friends list on Venmo was open to the public to view as late as Tuesday — a day after the Atlantic report about the Signal chat was published. On Wednesday, his account settings were changed to make his contacts private.
Waltz’s contacts on Venmo included journalists, government officials, active and retired service members and members of congress. There was evidence Waltz had sent or received payments on the platform.
Susie Wiles, President Trump’s chief of staff, was listed on Waltz’s Venmo friends list, but her account is now no longer searchable. On Wednesday, Wired magazine reported on Waltz’ and Wiles’ Venmo accounts and said their respective accounts were made private after the publication contacted the White House.
“Venmo is a commonly used app, and Mike Waltz has made necessary updates for his personal privacy protection,” said NSC spokesman James Hewitt, after being contacted by CBS News Wednesday.
Defense Secretary Pete Hegseth, who has faced a barrage of criticism this week for sharing details on the Signal chat about the March 15 U.S.strike on Iranian-backed Houthis, had an account in early March, but it has since been deactivated, CBS News has learned.
In February, reporters with The American Prospect, a progressive political and public policy magazine, found that Hegseth’s Venmo was previously left open for the public to view contacts he had in his cellphone who also had Venmo accounts. Among the contacts were defense contractors, UnitedHealth executives, fellow veterans and colleagues at Fox News.
The Pentagon has not responded to CBS News’ request for comment.
Joe Kent, who is Mr. Trump’s nominee to run the National Counterterrorism Center, was on the Signal chat as a point of contact for Director of National Intelligence Tulsi Gabbard, and his Venmo account was open for the public to view as of Thursday morning.
The office of the director of national intelligence has not replied to a request for comment.
Der Spiegel reported Wednesday that private contact details for Waltz, Gabbard and Hegseth had been leaked online. Reporters from the German news publication were able to find mobile phone numbers, email addresses and even some passwords belonging to the senior Trump officials with most of the numbers and email addresses still in use.
On Wednesday, Gabbard and CIA Director John Ratcliffe defended their participation in the group chat in testimony before the House Intelligence Committee at a hearing focused on the global security threats facing the United States.
Gabbard acknowledged the conversation was “sensitive” but denied that classified information was shared in the chat. “There were no sources, methods, locations or war plans that were shared,” she told lawmakers. On Tuesday, Gabbard and Ratcliffe both said they were not aware of any information that was shared in the chat regarding weapons packages, targets or timing. The Atlantic on Wednesday released more of the texts on those topics after officials on the chat stated repeatedly that nothing disclosed in the Signal group was classified.
The messages showed Hegseth provided detailed information to the group of senior Trump officials about the strikes targeting Houthi rebels earlier this month, including a timeline of when fighter jets would take off and what kind of weapons would be used.
Multiple U.S. intelligence officials and members of the U.S. military who have spoken to CBS News this week have all contended that this type of information is always classified, but even if the information was somehow unclassified, it would still be a violation of cybersecurity and operational security protocols.
CBS News on Tuesday published unclassified internal documents from a National Security Agency bulletin warning of vulnerabilities in using the Signal app, even though it is encrypted. The NSA bulletin was widely distributed to NSA employees a month before the Signal chatroom was created by Waltz.
The bulletin also underscored to NSA employees that third-party messaging applications such as Signal and Whatsapp are permitted for certain “unclassified accountability/recall exercises” but not for communicating more sensitive information.
NSA employees were also warned to not send “anything compromising over any social media or Internet-based tool or application,” and to not to “establish connections with people you do not know.”
Fin Daniel Gómez and
contributed to this report.
