White House tech support discovered the suspected breach after Kelly turned his phone in to tech support staff this summer.
Chief of staff John Kelly told staffers the phone hadn’t been working properly for months, according to the officials. (DoD Photo by Navy Petty Officer 2nd Class Dominique A. Pineiro/Released)
This article was co-authored with Josh Dawsey and Emily Stephenson, reported in coordination with POLITICO.
White House officials believe that chief of staff John Kelly’s personal cellphone was compromised, potentially as long ago as December, according to three U.S. government officials.
The discovery raises concerns that hackers or foreign governments may have had access to data on Kelly’s phone while he was secretary of Homeland Security and after he joined the West Wing.
Tech support staff discovered the suspected breach after Kelly turned his phone in to White House tech support this summer complaining that it wasn’t working or updating software properly.
Kelly told the staffers the phone hadn’t been working properly for months, according to the officials.
White House aides prepared a one-page September memo summarizing the incident, which was circulated throughout the administration.
A White House spokesman said Kelly hadn’t used the personal phone often since joining the administration. This official said Kelly relied on his government-issued phone for official communications.
The official, who did not dispute any of POLITICO’s reporting on the timeline of events or the existence of the memo, said Kelly no longer had possession of the device but declined to say where the phone is now.
Kelly has since begun using a different phone, one of the officials said, though he relies on his government phone when he’s inside the White House.
Several government officials said it is unclear when — or where — Kelly’s phone was first compromised. It also is unclear what data might have been accessed, if any.
Kelly’s travel schedule prior to joining the administration in January is under review. The former Marine general retired in 2016 as chief of U.S. Southern Command.
Staffers reviewed the cellphone for several days and tried to decipher what had happened to it, the officials said. Many functions on the phone were not working.
The IT department concluded the phone had been compromised and should not be used further, according to the memo.
The document triggered concern throughout the West Wing about what information might have been exposed, one of the officials said.
The revelation comes amid an internal probe at the White House into personal email use. Senior officials, including Jared Kushner and Ivanka Trump, have at times used personal email for government business, POLITICO has reported.
Additional storage lockers recently were added in the West Wing for personal devices and aides have been warned to limit personal cellphone use in the building.
Bill Marczak, a senior research fellow with the Citizen Lab at the University of Toronto’s Munk School of Global Affairs, said the worst-case scenario would be “full access,” in which an attacker would be able to essentially control a device, including its microphone and camera.
“The [attackers] I would be most worried about are nation-states or other actors who may have access to resale of commercial spyware sold to nation-states,” he said.
“The average user won’t notice anything at all. Really, the only way to pick up on that is to do forensics on the phone,” he added.