According to a report, White House chief of staff John Kelly may have been using a breached smartphone for months.
The hack was reportedly discovered when Kelly's phone was malfunctioning and he took it to tech support at the White House, according to Gizmodo. The potential hack sparked worries that foreign governments and hackers could have had access to Kelly's phone during his time in the Trump administration, both as secretary of Homeland Security and as chief of staff.
The phone may have been compromised as far back as December 2016, Politico reports. According to a White House spokesman, Kelly had not used the personal phone much since starting his role in the administration, mainly using his government-issued phone for work.
Kelly is reported to no longer have the phone, and has since started to use another phone.
Senior research fellow at the University of Toronto Bill Marczak said that in the worst-case scenario, a hacker could potentially gain full access to a phone, even enabling them to use the device's camera or microphone.
"The [attackers] I would be most worried about are nation-states or other actors who may have access to resale of commercial spyware sold to nation-states," Marczak explained. "The average user won't notice anything at all. Really, the only way to pick up on that is to do forensics on the phone."
The news of the suspected hack comes shortly after the report that White House officials had been using their personal email accounts for government communications. President Donald Trump's daughter and son-in-law, Ivanka Trump and Jared Kushner, were among those who reportedly used their personal email accounts to conduct government communications. Both serve as White House advisers.
White House advisers Stephen Miller and Gary Cohn, as well as former officials Reince Priebus and Steve Bannon, were also reported to have used their personal email accounts for government correspondence.
The president himself has sparked criticism for his use of an outdated Galaxy S3 phone that is reported to be vulnerable to hackers, according to The Atlantic. Trump was reported to be potentially using the phone to tweet as recently as March.
A number of Trump's tweets have been listed as being sent from an Android phone, while others were sent from an iPhone. It's unclear whether the Android is Trump's original Galaxy S3, or a newer, more secure phone with the Android operating system.
Sam Kassoumeh, CEO of SecurityScorecard, a security intelligence company, said Android phones can carry the risk of being vulnerable to hackers, according to Wired.
"What we know from looking at public information about disclosure of vulnerabilities, and exploits on hardware and software is that Android devices have a very high volume of vulnerabilities," Kassoumeh explained. "There's a high level of exploitability on an Android phone."