It’s been nearly three months since the Pentagon’s Office of the Inspector General started looking into the Signal chat leak scandal, specifically examining Defense Secretary Pete Hegseth’s alleged use of a commercially available messaging app to discuss foreign military strikes. As NBC News reported in early April, “In addition to looking at whether Hegseth complied with rules governing classified information, the inspector general will also look at whether rules about record retention were followed.”

According to new reporting from The Washington Post, the scrutiny isn’t going especially well for the beleaguered secretary.

The Pentagon’s independent watchdog has received evidence that messages from Defense Secretary Pete Hegseth’s Signal account previewing a U.S. bombing campaign in Yemen were derived from a classified email labeled ‘SECRET/NOFORN,’ people familiar with the matter said. The revelation appears to contradict long-standing claims by the Trump administration that no classified information was divulged in unclassified group chats that critics have called a significant security breach.

By now, the basic elements of the “Signalgate” controversy are probably familiar: Top members of Donald Trump’s national security team participated in an unsecured group chat about sensitive operational details of a foreign military strike — and they accidentally included a journalist, The Atlantic’s Jeffrey Goldberg, in their online conversation.

The final paragraph of Goldberg’s piece on the fiasco read, “All along, members of the Signal group were aware of the need for secrecy and operations security. In his text detailing aspects of the forthcoming attack on Houthi targets, Hegseth wrote to the group — which, at the time, included me — ‘We are currently clean on OPSEC,’” referring to “operations security.”

In other words, the defense secretary was certain that he and his colleagues — while chatting on a free platform that has never been approved for chats about national security or classified intelligence — had locked everything down and created a secure channel of communication.

Of course, we now know that Team Trump was most certainly not “clean on OPSEC,” Hegseth’s confidence notwithstanding.

What’s more, while there was some discussion about the nature of the shared details, there’s no denying the chat did include highly sensitive information about times and targets, much of which was put there by Hegseth himself.

“1215et: F-18s LAUNCH (1st strike package),” Hegseth told his colleagues in the chat. “1345: ‘Trigger Based’ F-18 1st Strike Window Starts (Target Terrorist is @ his Known Location so SHOULD BE ON TIME) — also, Strike Drones Launch (MQ-9s).” At one point, the defense secretary literally wrote, “THIS IS WHEN THE FIRST BOMBS WILL DEFINITELY DROP.”

Now the Post, with a report that has not been independently verified by MSNBC or NBC News, tells readers that the strike plans shared by Hegseth originated from a classified email written by Gen. Michael “Erik” Kurilla, the top commander overseeing U.S. military operations in the Middle East. The article added:

The ‘SECRET’ classification of Kurilla’s email, which has not previously been reported, denoted that the information was classified at a level at which unauthorized disclosure could be expected to cause serious damage to national security. The ‘NOFORN’ label means it also was not meant for anyone who is a foreign national, including senior officials of close allies of the United States. In accordance with government regulations, Kurilla sent his sensitive message over a classified system, the Secret Internet Protocol Router Network, or SIPRNet, four people familiar with the matter said, speaking on the condition of anonymity to avoid reprisal by the Trump administration.

CBS News ran a related report pointing to the same revelations.

Recommended

Maddowblog

On protecting classified information, Pete Hegseth picks a fight he can’t win

Steve Benen

Latest

Nicolle Wallace calls out ‘hot mess’ Pete Hegseth’s ‘obsessive paranoia’ over leakers

Allison Detzel

Despite all of this, a Pentagon spokesperson told the Post, “The Department stands behind its previous statements: no classified information was shared via Signal. As we’ve said repeatedly, nobody was texting war plans and the success of the Department’s recent operations — from Operation Rough Rider to Operation Midnight Hammer — are proof that our operational security and discipline are top notch.”

The second part of this defense doesn’t seem to make logical sense — the success of the mission doesn’t necessarily mean that Hegseth was responsible with sensitive national security secrets — and the first part appears to be at odds with the available information about what transpired.

Complicating matters, this is not the only area of potential trouble for the former Fox News host who was confirmed despite bipartisan opposition. Politico published a report last week, which also hasn’t been independently verified by MSNBC or NBC News, that noted two related IG investigations that are also ongoing.

[I]nvestigators are looking into whether senior Hegseth aide Ricky Buria helped the Pentagon chief set up an unsecured internet line that bypassed the agency’s security protocols and allowed Hegseth to access Signal, according to the three people, all of whom were interviewed recently by officials about the situation. … In a separate inquiry led by the Air Force Office of Special Investigations, a federal law enforcement agency within the Pentagon, investigators are asking whether Buria could have been a source for leaks when he sat in on sensitive meetings as a military aide earlier this year and had access to Hegseth’s devices, according to the three people.

It’s worth noting for context that the existence of these reports suggests not only that Hegseth is facing serious scrutiny, but also that some officials within the Pentagon want the public to know that Hegseth is facing serious scrutiny. Watch this space.

This post updates our related earlier coverage.