Assistance from Grok AI.
This report, released on December 2, 2025, by the U.S. Department of Defense (DoD) Office of Inspector General (OIG), is an official investigation into how the Secretary of Defense (the top civilian leader of the U.S. military) used the Signal messaging app for government work. Signal is a popular encrypted messaging app (like WhatsApp but with stronger privacy features) that’s available to anyone, not just for official use. The report is classified as “SECRET//NOFORN,” which means it contains sensitive information that could harm national security if leaked, and it’s not to be shared with foreign governments or citizens.
The investigation was prompted by a request from U.S. Senate leaders (the Chairman and Ranking Member of the Armed Services Committee) after news articles in The Atlantic magazine revealed details of a private Signal group chat. I’ll break this down step by step in simple terms for a general audience, explaining key concepts along the way.
1. Background: What Sparked the Investigation?
- The Incident: On March 15, 2025, U.S. forces carried out air and missile strikes against Houthi rebels in Yemen (a group backed by Iran that’s been attacking shipping in the Red Sea). About two hours before the strikes started (around 1:45 PM Eastern Time), details about the operation— like the number of planes involved and timing—were shared in a Signal group chat called “Houthi PC Small Group.”
- The Group Chat: This chat had 19 members, including the Secretary of Defense, his aides, other DoD officials, and notably, a journalist. The Secretary sent a message at 11:44 AM with “non-specific general details” about the upcoming strikes.
- The Leak: On March 24 and 26, 2025, The Atlantic published articles quoting the chat transcript, exposing these details to the public. This raised alarms because military operations are often kept secret to protect troops and surprise enemies.
- Why Investigate?: The Senate wanted to know if rules were broken, especially around sharing sensitive info on non-government apps, classifying information properly, and keeping records. The OIG looked at DoD policies, interviewed people (though the Secretary declined an interview and provided a written statement instead), and reviewed emails and partial chat logs.
Key Terms Explained:
- Signal App: A free, secure messaging tool that uses end-to-end encryption (meaning only the sender and receiver can read messages). It’s not approved by the DoD for sending sensitive government info because it’s not controlled by the government and could be vulnerable to hacks.
- Classified Information: Government secrets labeled by level (e.g., SECRET means serious damage if leaked). “NOFORN” adds that it’s U.S.-only. Rules require “portion markings” (labels on each paragraph) to show what’s classified.
- SCIF: A “Sensitive Compartmented Information Facility”—a secure room where classified discussions happen, shielded from spying. The Secretary was in one at his home (Fort McNair, a military base in Washington, D.C.) during the strikes.
2. Key Findings: What Did the Investigation Uncover?
The OIG found that the Secretary and some DoD personnel didn’t fully follow rules, creating risks. Here’s the main takeaway:
- Sharing Sensitive Info on Signal:
- The day before the strikes (March 14, 2025), the Commander of U.S. Central Command (USCENTCOM, the military unit overseeing Middle East operations) emailed the Secretary and others with classified details (marked SECRET//NOFORN) about the strikes, including timing and methods.
- The next day, the Secretary, from his SCIF with two aides (a junior military assistant and a communications staffer), sent a message in the Signal group chat that matched some of this classified info. He used his personal cell phone, not a government-issued secure device.
- The Secretary claimed in his July 25, 2025, statement that, as an “original classification authority” (someone with power to decide if info is classified), he only shared “unclassified summaries” or declassified the details himself. He said the info was general and didn’t need protection.
- However, the OIG compared the chat to the email and concluded the info was sensitive and nonpublic (not meant for outsiders). Sharing it via Signal violated DoD Instruction 8170.01, which bans using personal devices or unapproved apps like Signal for official business involving nonpublic DoD info.
- Record-Keeping Issues:
- Federal law and DoD rules require saving official communications as records (like emails or texts) for accountability and history.
- The Secretary’s Signal chats had auto-delete settings, so many messages vanished. The DoD could only provide partial logs from his phone, and the OIG had to rely on The Atlantic‘s published transcript for the full picture. This meant records weren’t properly retained.
- Classification Problems at USCENTCOM:
- The email from USCENTCOM was correctly classified overall, but it lacked required “portion markings” on each paragraph, per DoD Manual 5200.01. This could lead to confusion about what’s secret.
- Risks Created:
- By sending details about U.S. planes over enemy territory 2–4 hours before strikes on an unsecured app, the Secretary risked leaks that could endanger troops or tip off enemies. Even though Signal is encrypted, personal phones aren’t as secure as government systems, and including a journalist increased the chance of exposure.
- No Evidence of Intentional Wrongdoing: The report doesn’t accuse anyone of deliberately leaking classified info or breaking laws on purpose. It focuses on policy violations.
The OIG also noted a related report (DODIG-2026-022) that reviews broader DoD policies on using non-government messaging apps.
3. Recommendations and Responses
- Main Recommendation: The OIG suggested that USCENTCOM’s Special Security Office review its classification procedures and add guidance on portion markings to prevent future slip-ups.
- USCENTCOM agreed and provided evidence of their existing training program, so the OIG closed this recommendation as resolved.
- No New Recommendations for the Secretary: The OIG said existing fixes from the related report (like better training for senior officials on device use) should cover it.
- DoD’s Response: The DoD’s Deputy General Counsel provided extra context but no supporting documents, so the OIG didn’t include it. Overall, the DoD cooperated but emphasized the Secretary’s authority to declassify info.
Recommendations Table from the Report (Simplified):
| Management | Unresolved | Resolved | Closed |
|---|---|---|---|
| USCENTCOM Special Security Office | None | None | 1 |
- Unresolved: Not agreed to or started.
- Resolved: Agreed to fix, with a plan.
- Closed: Fully fixed.
4. Broader Implications: Why Does This Matter?
- Security Risks: In a world of cyber threats, using apps like Signal for sensitive military talks could lead to hacks, leaks, or espionage. This incident shows how even top officials might bend rules for convenience, potentially putting lives at risk.
- Accountability: Government records ensure transparency (e.g., for Congress or historians). Auto-deleting messages hides what happened, making oversight harder.
- Policy Gaps: The report highlights that DoD rules prohibit personal devices for official nonpublic info, but enforcement might need strengthening. It also compares DoD policies to those of the White House, intelligence community, and other agencies, noting similarities but no major differences mentioned.
- No Criminal Findings: This is an evaluation, not a criminal probe. If laws were broken (e.g., mishandling classified info), that could lead to further investigations.
- Public Interest: Leaks like this fuel debates about government secrecy vs. press freedom. Including a journalist in the chat raises questions about how officials communicate with media during operations.
The full report is 84 pages, with appendices including chat transcripts, emails, and prior OIG reports on similar issues. For the document as released, see:
Evaluation of the Secretary of Defense’s Reported Use of a Commercially Available Messaging Application for Official Business
or an archive at:
https://web.archive.org/web/20251204162948/https://media.defense.gov/2025/Dec/04/2003834916/-1/-1/1/DODIG_2026_021.PDF.