The Pentagon Investigates Data Breach Potentially Exposing National Security Officials

Data Breach at Dialog Exposes Sensitive Information of US Intelligence Personnel

A significant data breach at Dialog, a private events organization co-founded by Peter Thiel, has compromised the personal information of numerous US national security officials, including a member of the National Security Council (NSC) and an active-duty intelligence officer supporting critical military operations. Reports indicate that the Pentagon is now investigating the incident.

This exposure is especially alarming because personal data on intelligence and military personnel is highly sought after by foreign intelligence entities. Such information is used to identify, surveil, and potentially compromise US operatives both domestically and internationally. For active-duty personnel and their associated units, this breach could pose substantial operational risks.

While the White House has opted not to disclose the name of the NSC official due to national security concerns, the exposure, which seems to stem from a misconfigured website, has revealed private information and login tokens of 222 participants affiliated with Dialog. Those affected include current and former senior military and national security officials from the United States and its allies.

Among those on the list is the NSC official who plays a vital advisory role to the President and the national security adviser on sensitive intelligence initiatives, as well as an active-duty intelligence officer identified in the records who is associated with a “Tier 1” special operations unit. Remarkably, both individuals had no prior connection to Dialog; they were invited to register for an upcoming retreat in August, to be held just outside Dublin, Ireland.

Despite Dialog’s labeling of the incident as a “cyberattack,” evidence suggests the breach was due to vulnerabilities within the organization’s own web infrastructure. The flaw allowed anyone to create an account and access sensitive files simply by visiting the group’s application landing page. This discovery was initially flagged by a Swiss DJ and cybersecurity researcher, prompting further investigation. It remains uncertain how long the exposed records were accessible or to what extent other parties acquired them.

The incident has drawn attention partly due to the prior legal issues surrounding the researcher who highlighted these vulnerabilities. In 2021, federal prosecutors indicted the researcher on hacking-related charges; however, she has yet to be convicted or face any new charges. Notably, in 2023, she uncovered a copy of the US government’s No Fly List on an unsecured server, which she subsequently shared with journalists.

In response to the breach, Dialog’s legal representatives sent a letter demanding the return of the data identified by WIRED, which has refused to comply with such a request. Dialog has not commented in response to inquiries about the incident.

The personal information exposed in the NSC intelligence official’s dossier is substantial. It contains confidential details akin to those compiled on tech entrepreneurs, celebrities, and financial executives. The file includes the official’s date of birth, home address, mobile number, and political affiliations, alongside responses to a registrant questionnaire that divulge personal predictions and recommendations.

The dossier for the military intelligence officer reflects similar vulnerabilities, supplying a comprehensive profile that includes personally identifiable information. This officer was reportedly nominated for Dialog membership by a senior military officer associated with a major command headquarters.

Given the sensitive nature of the identities involved, WIRED has opted to withhold the names of the NSC official and the military intelligence officer, as their disclosure could jeopardize their safety and professional responsibilities. The Pentagon’s operations security team is currently examining the incident.

Viewed through the MITRE ATT&CK framework, the breach highlights tactics that may have been used: initial access techniques, likely involving misconfigured web applications, and persistence tactics enabling unauthorized account creation. Together they showcase a worrying trend in cyber vulnerabilities. As businesses increasingly migrate to digital platforms, this incident serves as a critical reminder of the need for stringent cybersecurity measures to protect sensitive information from similar exposures in the future.
