The world found out shortly before 2 p.m. eastern time on March 15 that the United States was bombing Houthi targets across Yemen.
I, however, knew two hours before the first bombs exploded that the attack might be coming. The reason I knew this is that Pete Hegseth, the secretary of defense, had texted me the war plan at 11:44 a.m. The plan included precise information about weapons packages, targets, and timing.
This is going to require some explaining.
The story technically begins shortly after the Hamas invasion of southern Israel, in October 2023. The Houthis—an Iran-backed terrorist organization whose motto is “God is great, death to America, death to Israel, curse on the Jews, victory to Islam”—soon launched attacks on Israel and on international shipping, creating havoc for global trade. Throughout 2024, the Biden administration was ineffective in countering these Houthi attacks; the incoming Trump administration promised a tougher response.
This is where Pete Hegseth and I come in.
On Tuesday, March 11, I received a connection request on Signal from a user identified as Michael Waltz. Signal is an open-source encrypted messaging service popular with journalists and others who seek more privacy than other text-messaging services are capable of delivering. I assumed that the Michael Waltz in question was President Donald Trump’s national security adviser. I did not assume, however, that the request was from the actual Michael Waltz. I have met him in the past, and though I didn’t find it particularly strange that he might be reaching out to me, I did think it somewhat unusual, given the Trump administration’s contentious relationship with journalists—and Trump’s periodic fixation on me specifically. It immediately crossed my mind that someone could be masquerading as Waltz in order to somehow entrap me. It is not at all uncommon these days for nefarious actors to try to induce journalists to share information that could be used against them.
I accepted the connection request, hoping that this was the actual national security adviser, and that he wanted to chat about Ukraine, or Iran, or some other important matter.
Two days later—Thursday—at 4:28 p.m., I received a notice that I was to be included in a Signal chat group. It was called the “Houthi PC small group.”
A message to the group, from “Michael Waltz,” read as follows: “Team – establishing a principles [sic] group for coordination on Houthis, particularly for over the next 72 hours. My deputy Alex Wong is pulling together a tiger team at deputies/agency Chief of Staff level following up from the meeting in the Sit Room this morning for action items and will be sending that out later this evening.”
The message continued, “Pls provide the best staff POC from your team for us to coordinate with over the next couple days and over the weekend. Thx.”
The term principals committee generally refers to a group of the senior-most national-security officials, including the secretaries of defense, state, and the treasury, as well as the director of the CIA. It should go without saying—but I’ll say it anyway—that I have never been invited to a White House principals-committee meeting, and that, in my many years of reporting on national-security matters, I had never heard of one being convened over a commercial messaging app.
One minute later, a person identified only as “MAR”—the secretary of state is Marco Antonio Rubio—wrote, “Mike Needham for State,” apparently designating the current counselor of the State Department as his representative. At that same moment, a Signal user identified as “JD Vance” wrote, “Andy baker for VP.” One minute after that, “TG” (presumably Tulsi Gabbard, the director of national intelligence, or someone masquerading as her) wrote, “Joe Kent for DNI.” Nine minutes later, “Scott B”—apparently Treasury Secretary Scott Bessent, or someone spoofing his identity, wrote, “Dan Katz for Treasury.” At 4:53 p.m., a user called “Pete Hegseth” wrote, “Dan Caldwell for DoD.” And at 6:34 p.m., “Brian” wrote “Brian McCormack for NSC.” One more person responded: “John Ratcliffe” wrote at 5:24 p.m. with the name of a CIA official to be included in the group. I am not publishing that name, because that person is an active intelligence officer.
The principals had apparently assembled. In all, 18 individuals were listed as members of this group, including various National Security Council officials; Steve Witkoff, President Trump’s Middle East and Ukraine negotiator; Susie Wiles, the White House chief of staff; and someone identified only as “S M,” which I took to stand for Stephen Miller. I appeared on my own screen only as “JG.”
That was the end of the Thursday text chain.
After receiving the Waltz text related to the “Houthi PC small group,” I consulted a number of colleagues. We discussed the possibility that these texts were part of a disinformation campaign, initiated by either a foreign intelligence service or, more likely, a media-gadfly organization, the sort of group that attempts to place journalists in embarrassing positions, and sometimes succeeds. I had very strong doubts that this text group was real, because I could not believe that the national-security leadership of the United States would communicate on Signal about imminent war plans. I also could not believe that the national security adviser to the president would be so reckless as to include the editor in chief of The Atlantic in such discussions with senior U.S. officials, up to and including the vice president.
The next day, things got even stranger.
At 8:05 a.m. on Friday, March 14, “Michael Waltz” texted the group: “Team, you should have a statement of conclusions with taskings per the Presidents guidance this morning in your high side inboxes.” (High side, in government parlance, refers to classified computer and communications systems.) “State and DOD, we developed suggested notification lists for regional Allies and partners. Joint Staff is sending this am a more specific sequence of events in the coming days and we will work w DOD to ensure COS, OVP and POTUS are briefed.”
At this point, a fascinating policy discussion commenced. The account labeled “JD Vance” responded at 8:16: “Team, I am out for the day doing an economic event in Michigan. But I think we are making a mistake.” (Vance was indeed in Michigan that day.) The Vance account goes on to state, “3 percent of US trade runs through the suez. 40 percent of European trade does. There is a real risk that the public doesn’t understand this or why it’s necessary. The strongest reason to do this is, as POTUS said, to send a message.”
The Vance account then goes on to make a noteworthy statement, considering that the vice president has not deviated publicly from Trump’s position on virtually any issue. “I am not sure the president is aware how inconsistent this is with his message on Europe right now. There’s a further risk that we see a moderate to severe spike in oil prices. I am willing to support the consensus of the team and keep these concerns to myself. But there is a strong argument for delaying this a month, doing the messaging work on why this matters, seeing where the economy is, etc.”
A person identified in Signal as “Joe Kent” (Trump’s nominee to run the National Counterterrorism Center is named Joe Kent) wrote at 8:22, “There is nothing time sensitive driving the time line. We’ll have the exact same options in a month.”
Then, at 8:26 a.m., a message landed in my Signal app from the user “John Ratcliffe.” The message contained information that might be interpreted as related to actual and current intelligence operations.
At 8:27, a message arrived from the “Pete Hegseth” account. “VP: I understand your concerns – and fully support you raising w/ POTUS. Important considerations, most of which are tough to know how they play out (economy, Ukraine peace, Gaza, etc). I think messaging is going to be tough no matter what – nobody knows who the Houthis are – which is why we would need to stay focused on: 1) Biden failed & 2) Iran funded.”
The Hegseth message goes on to state, “Waiting a few weeks or a month does not fundamentally change the calculus. 2 immediate risks on waiting: 1) this leaks, and we look indecisive; 2) Israel takes an action first – or Gaza cease fire falls apart – and we don’t get to start this on our own terms. We can manage both. We are prepared to execute, and if I had final go or no go vote, I believe we should. This [is] not about the Houthis. I see it as two things: 1) Restoring Freedom of Navigation, a core national interest; and 2) Reestablish deterrence, which Biden cratered. But, we can easily pause. And if we do, I will do all we can to enforce 100% OPSEC”—operations security. “I welcome other thoughts.”
A few minutes later, the “Michael Waltz” account posted a lengthy note about trade figures, and the limited capabilities of European navies. “Whether it’s now or several weeks from now, it will have to be the United States that reopens these shipping lanes. Per the president’s request we are working with DOD and State to determine how to compile the cost associated and levy them on the Europeans.”
The account identified as “JD Vance” addressed a message at 8:45 to @Pete Hegseth: “if you think we should do it let’s go. I just hate bailing Europe out again.” (The administration has argued that America’s European allies benefit economically from the U.S. Navy’s protection of international shipping lanes.)
The user identified as Hegseth responded three minutes later: “VP: I fully share your loathing of European free-loading. It’s PATHETIC. But Mike is correct, we are the only ones on the planet (on our side of the ledger) who can do this. Nobody else even close. Question is timing. I feel like now is as good a time as any, given POTUS directive to reopen shipping lanes. I think we should go; but POTUS still retains 24 hours of decision space.”
At this point, the previously silent “S M” joined the conversation. “As I heard it, the president was clear: green light, but we soon make clear to Egypt and Europe what we expect in return. We also need to figure out how to enforce such a requirement. EG, if Europe doesn’t remunerate, then what? If the US successfully restores freedom of navigation at great cost there needs to be some further economic gain extracted in return.”
That message from “S M”—presumably President Trump’s confidant Stephen Miller, the deputy White House chief of staff, or someone playing Stephen Miller—effectively shut down the conversation. The last text of the day came from “Pete Hegseth,” who wrote at 9:46 a.m., “Agree.”
After reading this chain, I recognized that this conversation possessed a high degree of verisimilitude. The texts, in their word choice and arguments, sounded as if they were written by the people who purportedly sent them, or by a particularly adept AI text generator. I was still concerned that this could be a disinformation operation, or a simulation of some sort. And I remained mystified that no one in the group seemed to have noticed my presence. But if it was a hoax, the quality of mimicry and the level of foreign-policy insight were impressive.
It was the next morning, Saturday, March 15, when this story became truly bizarre.
At 11:44 a.m., the account labeled “Pete Hegseth” posted in Signal a “TEAM UPDATE.” I will not quote from this update, or from certain other subsequent texts. The information contained in them, if they had been read by an adversary of the United States, could conceivably have been used to harm American military and intelligence personnel, particularly in the broader Middle East, Central Command’s area of responsibility. What I will say, in order to illustrate the shocking recklessness of this Signal conversation, is that the Hegseth post contained operational details of forthcoming strikes on Yemen, including information about targets, weapons the U.S. would be deploying, and attack sequencing.
The only person to reply to the update from Hegseth was the person identified as the vice president. “I will say a prayer for victory,” Vance wrote. (Two other users subsequently added prayer emoji.)
According to the lengthy Hegseth text, the first detonations in Yemen would be felt two hours hence, at 1:45 p.m. eastern time. So I waited in my car in a supermarket parking lot. If this Signal chat was real, I reasoned, Houthi targets would soon be bombed. At about 1:55, I checked X and searched Yemen. Explosions were then being heard across Sanaa, the capital city.
I went back to the Signal channel. At 1:48, “Michael Waltz” had provided the group an update. Again, I won’t quote from this text, except to note that he described the operation as an “amazing job.” A few minutes later, “John Ratcliffe” wrote, “A good start.” Not long after, Waltz responded with three emoji: a fist, an American flag, and fire. Others soon joined in, including “MAR,” who wrote, “Good Job Pete and your team!!,” and “Susie Wiles,” who texted, “Kudos to all – most particularly those in theater and CENTCOM! Really great. God bless.” “Steve Witkoff” responded with five emoji: two hands-praying, a flexed bicep, and two American flags. “TG” responded, “Great work and effects!” The after-action discussion included assessments of damage done, including the likely death of a specific individual. The Houthi-run Yemeni health ministry reported that at least 53 people were killed in the strikes, a number that has not been independently verified.
On Sunday, Waltz appeared on ABC’s This Week and contrasted the strikes with the Biden administration’s more hesitant approach. “These were not kind of pinprick, back-and-forth—what ultimately proved to be feckless attacks,” he said. “This was an overwhelming response that actually targeted multiple Houthi leaders and took them out.”
The Signal chat group, I concluded, was almost certainly real. Having come to this realization, one that seemed nearly impossible only hours before, I removed myself from the Signal group, understanding that this would trigger an automatic notification to the group’s creator, “Michael Waltz,” that I had left. No one in the chat had seemed to notice that I was there. And I received no subsequent questions about why I left—or, more to the point, who I was.
Earlier today, I emailed Waltz and sent him a message on his Signal account. I also wrote to Pete Hegseth, John Ratcliffe, Tulsi Gabbard, and other officials. In an email, I outlined some of my questions: Is the “Houthi PC small group” a genuine Signal thread? Did they know that I was included in this group? Was I (on the off chance) included on purpose? If not, who did they think I was? Did anyone realize who I was when I was added, or when I removed myself from the group? Do senior Trump-administration officials use Signal regularly for sensitive discussions? Do the officials believe that the use of such a channel could endanger American personnel?
Brian Hughes, the spokesman for the National Security Council, responded two hours later, confirming the veracity of the Signal group. “This appears to be an authentic message chain, and we are reviewing how an inadvertent number was added to the chain,” Hughes wrote. “The thread is a demonstration of the deep and thoughtful policy coordination between senior officials. The ongoing success of the Houthi operation demonstrates that there were no threats to troops or national security.”
William Martin, a spokesperson for Vance, said that despite the impression created by the texts, the vice president is fully aligned with the president. “The Vice President’s first priority is always making sure that the President’s advisers are adequately briefing him on the substance of their internal deliberations,” he said. “Vice President Vance unequivocally supports this administration’s foreign policy. The President and the Vice President have had subsequent conversations about this matter and are in complete agreement.”
I have never seen a breach quite like this. It is not uncommon for national-security officials to communicate on Signal. But the app is used primarily for meeting planning and other logistical matters—not for detailed and highly confidential discussions of a pending military action. And, of course, I’ve never heard of an instance in which a journalist has been invited to such a discussion.
Conceivably, Waltz, by coordinating a national-security-related action over Signal, may have violated several provisions of the Espionage Act, which governs the handling of “national defense” information, according to several national-security lawyers interviewed by my colleague Shane Harris for this story. Harris asked them to consider a hypothetical scenario in which a senior U.S. official creates a Signal thread for the express purpose of sharing information with Cabinet officials about an active military operation. He did not show them the actual Signal messages or tell them specifically what had occurred.
All of these lawyers said that a U.S. official should not establish a Signal thread in the first place. Information about an active operation would presumably fit the law’s definition of “national defense” information. The Signal app is not approved by the government for sharing classified information. The government has its own systems for that purpose. If officials want to discuss military activity, they should go into a specially designed space known as a sensitive compartmented information facility, or SCIF—most Cabinet-level national-security officials have one installed in their home—or communicate only on approved government equipment, the lawyers said. Normally, cellphones are not permitted inside a SCIF, which suggests that as these officials were sharing information about an active military operation, they could have been moving around in public. Had they lost their phones, or had they been stolen, the potential risk to national security would have been severe.
Hegseth, Ratcliffe, and other Cabinet-level officials presumably would have the authority to declassify information, and several of the national-security lawyers noted that the hypothetical officials on the Signal chain might claim that they had declassified the information they shared. But this argument rings hollow, they cautioned, because Signal is not an authorized venue for sharing information of such a sensitive nature, regardless of whether it has been stamped “top secret” or not.
There was another potential problem: Waltz set some of the messages in the Signal group to disappear after one week, and some after four. That raises questions about whether the officials may have violated federal records law: Text messages about official acts are considered records that should be preserved.
“Under the records laws applicable to the White House and federal agencies, all government employees are prohibited from using electronic-messaging applications such as Signal for official business, unless those messages are promptly forwarded or copied to an official government account,” Jason R. Baron, a professor at the University of Maryland and the former director of litigation at the National Archives and Records Administration, told Harris.
“Intentional violations of these requirements are a basis for disciplinary action. Additionally, agencies such as the Department of Defense restrict electronic messaging containing classified information to classified government networks and/or networks with government-approved encrypted features,” Baron said.
Several former U.S. officials told Harris and me that they had used Signal to share unclassified information and to discuss routine matters, particularly when traveling overseas without access to U.S. government systems. But they knew never to share classified or sensitive information on the app, because their phones could have been hacked by a foreign intelligence service, which would have been able to read the messages on the devices. It is worth noting that Donald Trump, as a candidate for president (and as president), repeatedly and vociferously demanded that Hillary Clinton be imprisoned for using a private email server for official business when she was secretary of state. (It is also worth noting that Trump was indicted in 2023 for mishandling classified documents, but the charges were dropped after his election.)
Waltz and the other Cabinet-level officials were already potentially violating government policy and the law simply by texting one another about the operation. But when Waltz added a journalist—presumably by mistake—to his principals committee, he created new security and legal issues. Now the group was transmitting information to someone not authorized to receive it. That is the classic definition of a leak, even if it was unintentional, and even if the recipient of the leak did not actually believe it was a leak until Yemen came under American attack.
All along, members of the Signal group were aware of the need for secrecy and operations security. In his text detailing aspects of the forthcoming attack on Houthi targets, Hegseth wrote to the group—which, at the time, included me—“We are currently clean on OPSEC.”
Shane Harris contributed reporting.
