IG Report Says Secret Service Put 8,000 Devices at Risk, Exposing US Officials
Updated
Updated · CNN · Jun 25
IG Report Says Secret Service Put 8,000 Devices at Risk, Exposing US Officials
3 articles · Updated · CNN · Jun 25
Summary
A DHS inspector general report found Secret Service cybersecurity failures left agents’ phones vulnerable to hacking, creating risks to protectees and employees on protective missions.
Personal phones were often used instead of government devices, exposing mission data such as contacts, geolocation, photos and user history that adversaries could exploit to plan attacks.
The report also cited failures to wipe phones after overseas travel and to test software before deployment, weaknesses affecting about 8,000 mobile devices tied to sensitive agency systems and apps.
One employee used a personal phone to receive a photo of the Butler gunman before the July 2024 Trump assassination attempt, reviving scrutiny of communication breakdowns that day.
Secret Service Director Sean Curran said the agency has addressed or is addressing the recommendations, after earlier reports tied phone and connectivity failures to the Butler security debacle.
With national security at stake, why are agents forced to use personal phones over their government-issued devices?
Beyond the Secret Service, how deep does the mobile security crisis run within the Department of Homeland Security?
Can new policies fix a security culture where agents must break rules to effectively do their jobs?
8,000 Secret Service Devices at Risk: DHS Probe Reveals Major Mobile Security Failures Before 2024 Trump Incident
Overview
A Department of Homeland Security investigation revealed that the Secret Service failed to consistently wipe data from government-issued phones after international travel, despite clear policies requiring timely data deletion. This lapse created a significant risk for sensitive information, as some employees reported their devices were rarely or never wiped, even after multiple trips to high-risk countries. The investigation also found a lack of basic security measures on these devices, with mobile threat defense software not installed until August 2025. These failures exposed the agency to potential threats and highlighted the urgent need for stronger security protocols and technology upgrades.