Tulsi Gabbard, the director of National Intelligence, has been accused of using a single password across various online accounts for over a decade. WIRED, a business magazine, leaked details of Gabbard’s account credentials, revealing that even minor breach attempts were recorded and that her passwords were being reviewed by a network of open-source intelligence firms. Gabbard, who served in Congress from 2013 to 2021, including roles such as chair of the Armed Services Committee, her access to sensitive information was well-established. Her use of this password in Cruxity, a chat group where military operations were being shared with journalists, highlights a concerning trend.
According to the leaked records, Gabbard was part of a breach involving the Signal group chat from 2017 to 2019. Material from the breach shows that during her tenure, she used the same password for multiple email addresses and online accounts, even though she was not explicitly associated with government accounts. The breach records also highlight that her use of the password on her personal website became the central point of the breach, with other accounts such as Gmail, Dropbox, LinkedIn, and the myFitnessPal, HauteLook, and other sites in her own name being linked. This consistent use of a single password for major social and consumer accounts raises serious questions about the practice of securing sensitive information online.
The breach data spans multiple years, with access to records dating back to 2012 for several accounts and to 2017 for a portion of the time. Outside of the leaking records, the breaches have been made publicly available through databases and online repositories of such data. Olivia Coleman, a spokesperson for Gabbard, expressed concerns about the long ticks of the password, noting that it had changed multiple times since the breach. Similarly, Alexa Henning, the deputy chief of staff, criticized the narrative of Gabbard’s denial about her past connections to the Science of Identity Foundation, fearing a Hockeyhoop addiction narrative attempt.
Despite the protections in place, the persistence of this single password and her exceeding 60-day delay in attribute updating underscores the issues now being exposed. WIRED’s investigation, conducted through a partnership with WIRED Media, also found that Gabbard’s password was reported to “Shraddha Dasi,” a name associated with the Hinduivas movement, pointed to her as being part of a cult within the Hare Krishna movement. The exposure of Gabbard’sAutonomous Account Threats andidentify whether she had ever been associated with the alternative movement also stands out as another layer of concern. The breach details release not only raise questions about Gabbard’s security practices but also the role she might play in criminal activities, as well as the broader implications of these Breaches on the National Intelligence operations and the Fifth localhost group.
