Waltz and staff reportedly used Gmail for official U.S. government business, raising security issues

U.S. security officials have reportedly been using their personal Gmail accounts to conduct government business — including sharing sensitive information about military positions. And yes, national security advisor and Signalgate protagonist Michael Waltz was involved.

If we could please go a full five business days without discovering a new breach of tech security by the Trump administration, that would be great.

The Washington Post reports that members of the U.S. National Security Council (NSC) used Google's email service Gmail to correspond with the official email accounts of colleagues from other federal agencies. As such, potentially sensitive government information has ended up in their personal Gmail inboxes, which are much less secure than official federal communication channels.

Specifically, The Washington Post reports that Waltz had work documents and information on his schedule sent to his Gmail account. This alone is already a questionable security practice. However, a senior aide to Waltz also allegedly used Gmail to share more sensitive information, The Washington Post reporting that it viewed emails involving "highly technical conversations with colleagues at other government agencies involving sensitive military positions and powerful weapons systems relating to an ongoing conflict."

As highlighted by the Signal chat room scandal revealed last Monday, keeping military plans under wraps is a critical security issue. Depending on the information being discussed, officials more typically share sensitive information either in person or on the Secret Internet Protocol Router Network (SIPRNet), the U.S. government's secured computer network system. Discussing U.S. military positions via Gmail is not a great security practice.

While schedule information may not be as critically sensitive as detailed plans for imminent international military operations, the proper handling of such data is a security concern as well. It isn't difficult to imagine that bad actors could cause significant harm were they to know where and when U.S. national security officials plan to be.

Unsurprisingly, the NSC has refuted The Washington Post's report. Though NSC spokesman Brian Hughes acknowledged that Waltz might have occasionally received work-related information to his personal account, he claimed that the national security advisor copies in his government email so that it's on the official federal records. Of course, this doesn't fix information being in his personal inbox in the first place.

"Waltz didn’t and wouldn’t send classified information on an open account," Hughes told The Washington Post.

Despite the NSC's statement, this is far from the first time Waltz's digital security habits have been called into question. This report is just the latest in a string of tech security breaches by the Trump administration revealed within the past week, all of which involved the national security advisor. Further, sources reportedly told The Washington Post that Waltz was known to copy and paste information directly from his schedule into Signal.

Waltz was a central figure in the Signal chat room scandal, having been the one to add The Atlantic's editor-in-chief Jeffrey Goldberg to the group chat in which U.S. officials were planning to bomb Yemen. Later that week, Waltz was among several officials involved in the chat whose private contact details and passwords were found online. His Venmo contact list was also discovered in the wake of Signalgate, revealing a list of over 300 of Waltz's associates.

In light of this previous insight into Waltz's digital habits and security, these new allegations regarding his Gmail usage aren't entirely surprising. 

Even so, it doesn't seem as though Waltz is facing any serious consequences for his arguably lax digital security standards. The White House has stood by Waltz amidst the security scandals, with press secretary Karoline Leavitt stating that the "case has been closed" regarding Signalgate. President Donald Trump further said that he didn't think Waltz needed to apologise, and that he believes the national security advisor is "doing his best."