Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Data exposure In the dialogue, Special occasions group Participated in its founding Peter Thielexposing personal information of several US national security personnel. These include an intelligence official at the National Security Council (NSC) and an active-duty intelligence officer who supports sensitive military operations, WIRED has learned. The Pentagon is now studying the matter.
Personal information about intelligence and military personnel is among the most frequently requested data by foreign intelligence services, which they use to identify, monitor, and communicate with U.S. agents abroad and at home. For active duty officers and the units they support, exposure can add operational risk.
The White House asked WIRED not to name the NSC official for national security reasons, but declined to comment on the revelation.
Exposure to dialogue, which Evidence appears It was enabled through a misconfigured website, and included the private information and login codes of 222 registrants for the dialogue event, including current and former senior military and national security officials from the United States and its allies.
They include a National Security Council official, whose role includes advising President Donald Trump and the National Security Advisor on sensitive intelligence programs, and an individual identified in records as an active-duty intelligence officer embedded with a “tier one” special operations unit.
According to records, neither has a prior history with Dialog; Both have been invited and registered as new participants for the group’s retreat next August outside Dublin, Ireland.
Dialog described the exposure internally as a “cyberattack,” but WIRED found that the files were apparently exposed due to a configuration error on the group’s website. Anyone can create an account with an email address, log in, and access files simply by loading the landing page for the group app. This discovery began with advice first received by Swiss DJ and cybersecurity researcher, Maya Arsson-Cremo. It remains unclear how long the records were accessible and who else obtained them.
Federal prosecutors indicted Cremo in 2021 on hacking-related charges, but she was never arrested or convicted of a crime and did not face subsequent charges. In 2023, it discovered a copy of the US government’s no-fly list on an unsecured server, and made it available to some journalists along with technical writing.
Dialog’s outside counsel issued a letter over the weekend saying the data was “stolen” and demanding that WIRED hand over its copy of the data. WIRED declined. Dialogue did not respond to questions submitted for this story.
The dialogue file of the National Security Council intelligence official, a former CIA officer, includes at least two dozen personal details and survey answers, and is similar to his own files. Tech founders, actors, journalists and hedge fund managers. Besides what the records indicate is their date of birth, home address, mobile phone number, headshot and special authentication code, the file also documents their political leanings and how they came into the orbit of the invitation-only group.
The file includes what appear to be the administrator’s answers to Dialog’s registrant questionnaire, including a personal prediction (“Future espionage will target your behavior more than your secrets”); Book recommendation: Allen Drury’s political novel about the Cold War Providing advice and consent); And biographical details.
The military intelligence officer file is built on the same template, revealing the same range of personally identifiable information. The file indicates that they were nominated to join the dialogue by another military officer who was assigned to a major command headquarters.
WIRED is withholding the names of the National Security Council official, the military intelligence officer, and the unit to which the latter was assigned, because identifying them could jeopardize their safety and employment. The Pentagon told WIRED on Tuesday that its Operations Security Team is looking into the matter.
