A data breach at Dialog, a private events group co-founded by Peter Thiel, has led to the exposure of sensitive personal information belonging to several U.S. national security personnel. This includes a senior White House intelligence official and an active-duty special operations officer. The Pentagon is currently investigating the matter.
The exposed data, which has been linked to a misconfiguration on Dialog’s website, contains private information and login credentials for 222 registrants, many of whom are current and former high-ranking military and national security officials. Among those affected are the NSC official, who advises the President and the national security adviser, and the intelligence officer embedded with a high-stakes special operations unit.
The White House has requested that the NSC official not be named due to national security concerns and has not commented further on the incident. The exposed files reportedly included detailed personal information such as addresses, phone numbers, and even responses to a registrant questionnaire that revealed the official’s views on future espionage and literary preferences.
Dialog has labeled the incident as a “cyberattack,” but evidence suggests the records were made accessible due to a flaw in their website configuration. A cybersecurity researcher, who had previously been indicted on hacking charges but never convicted, first brought the exposure to attention. Although Dialog’s external counsel termed the data as “stolen,” requests for WIRED to return any copies of the data were declined.
The Pentagon’s operations security team is currently assessing the potential risks arising from this data breach, particularly given that foreign intelligence services often seek this type of information to target or surveil U.S. operatives domestically and abroad.
Legal experts have raised concerns about the implications of identifying specific military units and personnel involved, emphasizing the need for operational security in such sensitive situations. The incident has highlighted the potential vulnerabilities within organizational data security practices, particularly regarding sensitive personnel information.
For more information on the Dialog breach, you can read further here.
