National Security Council adds Gmail to its list of bad decisions

The Washington Post reports that members of the White House's National Security Council have used personal Gmail accounts to conduct government business. National security advisor Michael Waltz and a senior aide of his both used their own accounts to discuss sensitive information with colleagues, according to the Post's review and interviews with government officials who spoke to the newspaper anonymously.

Email is not the best approach for sharing information meant to be kept private. That covers sensitive data for individuals such as social security numbers or passwords, much less confidential or classified government documents. It simply has too many potential paths for a bad actor to access information they shouldn't. Government departments typically use business-grade email services, rather than relying on consumer email services. The federal government also has its own internal communications systems with additional layers of security, making it all the more baffling that current officials are being so cavalier with how they handle important information.

“Unless you are using GPG, email is not end-to-end encrypted, and the contents of a message can be intercepted and read at many points, including on Google’s email servers," Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation told the Post.

Additionally, there are regulations requiring that certain official government communications be preserved and archived. Using a personal account could allow some messages to slip through the cracks, accidentally or intentionally.

This latest instance of dubious software use from the executive branch follows the discovery that several high-ranking national security leaders used Signal to discuss planned military actions in Yemen, then added a journalist from The Atlantic to the group chat. And while Signal is a more secure option than a public email client, even the encrypted messaging platform can be exploited, as the Pentagon warned its own team last week.

As with last week's Signal debacle, there have been no repercussions thus far for any federal employees taking risky data privacy actions. NSC spokesman Brian Hughes told the Post he hasn't seen evidence of Waltz using a personal account for government correspondence.

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/national-security-council-adds-gmail-to-its-list-of-bad-decisions-222648613.html?src=rss https://www.engadget.com/cybersecurity/national-security-council-adds-gmail-to-its-list-of-bad-decisions-222648613.html?src=rss
Vytvořeno 23d | 2. 4. 2025 0:10:21


Chcete-li přidat komentář, přihlaste se

Ostatní příspěvky v této skupině

Nintendo Switch 2 pre-orders: Sold out at most retailers including GameStop, Walmart, Target, Best Buy and others

Nintendo Switch 2 pre-orders are now officially open in North America. After (what felt like) a long delay after the original April 9 pre-order date, Nintendo finally opened up pre-orders in the US

24. 4. 2025 21:20:17 | Engadget
Bowers & Wilkins new Px7 S3 wireless headphones feature updated ANC tech

Bowers & Wilkins is back with another pair of

24. 4. 2025 19:10:28 | Engadget
Meta finally acknowledges that Facebook has a major spam problem

Meta is finally acknowledging that Facebook’s feed is filled with too many spammy posts. In

24. 4. 2025 19:10:25 | Engadget
Can I offer you a nice image of the Sun in these trying times?

The joint ESA and NASA Solar Orbiter mission has delivered

24. 4. 2025 19:10:24 | Engadget
Razer has a vertical mouse now

Razer has unveiled two new iterations of its Pro Click mouse with an eye toward comfort. The

24. 4. 2025 19:10:23 | Engadget