Pentagon intelligence leak sends Washington into damage control

An unknown number of people have been able to access Pentagon intelligence documents posted on social media and online gaming platforms since early March. The leak — the most serious since WikiLeaks published 250,000 State Department cables in 2010 and the 2013 Edward Snowden leak of National Security Agency (NSA) classified information — has revealed sensitive information about important U.S. allies, such as Canada, South Korea, Israel and Egypt, straining relations with those countries. Ukraine has also been forced to amend some of its military plans, as the leak contained information on its planned counteroffensive to liberate the Russian-controlled east of the country. While the Justice Department’s continues its investigation into the case, Washington has two priorities: finding out the source of the leak and plugging it immediately. The Pentagon has described the online leaks as a “very serious risk” to national security.

Clues left online may help determine the source of the leak, since they narrow down the number of possible suspects. What has been posted to the internet are photographs of printed documents — some with crumpled paper — about the war in Ukraine, the Middle East and Asia. Officials and analysts believe that the fact that photographs were used suggest that the cache of around 100 documents was leaked, not hacked. In the images posted online, the files appear stacked on top of magazines and surrounded by objects such as glue, paper clips and nail clippers. The first impression is that the documents are briefing material for senior officials, prepared by the Joint Chiefs of Staff and the CIA.

Some sources claim that part of the material may have been published on the video game chat platform Discord as early as January. In March, documents were posted on a closed chatroom called “Minecraft Earth Map” and another server run by the fans of Filipino YouTuber WowMao, before spreading to 4Chan and later to Twitter and Telegram. For weeks, these social media users joked about the leaks, unaware of their significance. Defense Secretary Lloyd Austin was first informed of the leak on April 6 — hours before The New York Times broke the story — when files began appearing on a Telegram channel related to the Russian invasion of Ukraine.

These tracks may provide a partial or complete answer to investigators’ main questions: who accessed the documents and published them online, why did they do so, and how much damage has it caused. “We don’t know who’s behind this. We don’t know what the motive is,” John Kirby, a spokesperson for the National Security Council, said on Monday. “We don’t know what else might be out there,” he added, indicating that the White House may be in store for more surprises.

The documents — which appear to be authentic — contain highly classified and sensitive information. Some of them, however, appear to have been altered, such as a military intelligence report on casualties in the Ukraine war that seems to have been edited to reduce the number of Russian troops killed. An image of this document was released last week and widely shared on Telegram, which is very popular in Russia.

The reports on the war in Ukraine are especially detailed, with maps, inventories of battlefields and other confidential information. Some provide details on Ukraine’s special forces, which is made up of a hundred soldiers from the U.S., U.K., France, Latvia and the Netherlands. Others show the extent to which U.S. military intelligence has penetrated the Russian army (it intercepted its plans to attack Odessa and Mykolaiv in March) and the Wagner paramilitary group, which allegedly tried to covertly buy weapons from Turkey. A February 23 report confirms what defense and military analysts have been saying in public: that the fighting in the east of Ukraine is a “campaign of attrition” that appears headed for a stalemate.

But containing the damage caused by the leak is more complex than simply tracing IP servers or tracking down online communities. The classified documents suggest that the United States is spying on its allies, including Ukraine, and that Russia could win the war due to the weakness of Ukraine’s air defense system — less-than-reassuring messages that have wide-ranging consequences.

In a bid to contain the damage, Washington has reached out to the allies it has allegedly spied on, including South Korea. According to a statement from the office of South Korean President Yoon Suk-yeol. U.S. Secretary of Defense Lloyd J. Austin III phoned his South Korean counterpart Lee Jong-Sup on Tuesday and said the U.S. would closely communicate with South Korea on the issue. “The suspicion of eavesdropping in the Yongsan Presidential Office is a false suspicion,” it added. According to the leak, the CIA intercepted a conversation between high-level South Korean officials on whether to sell weapons that could be used in Ukraine. Seoul, however, insists that for now it will maintain its policy of providing only humanitarian aid.

As the British Defense Ministry warned on Twitter on Tuesday: “Readers should be cautious about taking at face value allegations that have the potential to spread misinformation.”

Sign up for our weekly newsletter to get more English-language news coverage from EL PAÍS USA Edition