No Hack Needed: How Peter Thiel's Dialog Left NATO and US Officials Exposed

The secretive, invite-only group Dialog has informed its high-profile membership that a wanted criminal orchestrated a cyberattack to steal their personal information.

However, security analyses by WIRED indicate the elite network simply left its internal records publicly accessible through a misconfigured website.

Claims of a Cyberattack

Dialog managing director Juliette Levine sent an email notifying members of a data exposure involving attendees of past events and an upcoming August retreat outside Dublin, Ireland.

Levine alleged that the breach was carried out by a well-known criminal wanted in the U.S.

The organization responded by temporarily shutting down multiple internal systems.

Dialog also retained legal counsel from ArentFox Schiff, demanding the return of the exposed data and classifying the incident as a cyberattack by a known cybercriminal.

Lawyers for the group state that the incident has been reported to law enforcement.

Despite these claims, evidence shows that accessing the data required no sophisticated intrusion or bypassing of technical controls.

A Misconfigured Website

The exposure originated from a Dialog website designed to distribute a mobile application for the upcoming Dublin gathering.

The landing page permitted any visitor to sign up using an email address without requiring a password.

After submitting an email, visitors were directed to a holding page that automatically loaded the internal files of approximately 200 individuals into their web browsers.

Viewing these records only required basic page inspection tools available in standard internet browsers.

Cybersecurity researcher maia arson crimew, who first received tips about the site, stated she did not exploit any software flaws or bypass security measures.

The data she viewed was identical to the records accessible to any standard browser visiting the page.

Experts describe the vulnerability as negligence rather than a malicious breach.

Nicholas Weaver, a network security specialist at the International Computer Science Institute, characterized the flaw as a preventable web design error.

Exposed Elite Roster

The exposed database contained highly sensitive information on current and former figures in national security, technology, and politics.

The records revealed the names of 113 past participants, including high-profile figures such as Elon Musk, Jared Kushner, Scott Bessent, Senator Ted Cruz, and Kaja Kallas.

Records also name Army Secretary Dan Driscoll, Palantir co-founder Joe Lonsdale, and Strauss Zelnick, CEO of Take-Two Interactive, the video game company behind GTA VI.

Files associated with the upcoming August retreat included NATO officials, a current White House intelligence official, and a retired general with senior U.S. intelligence experience.

Other exposed attendees included former defense and security officials from Britain, Japan, and Pakistan.

The leaked data is comprehensive, encompassing private contact information, cell phone numbers, dates of birth, and active login tokens.

The records also exposed internal metrics, showing how Dialog grades attendees based on wealth, prominence, and assigned political leanings.

Third-Party Platforms

Dialog utilized third-party services Fillout and Airtable to collect and store the attendee data.

Loading forms hosted by Fillout returned extensive background information directly from Dialog’s Airtable databases.

Fillout denied any active platform vulnerability or compromise of its systems.

The company stated that customers independently configure their forms and connected data sources, thereby dictating the application's operational behavior.

Public Backlash

The data exposure forced prominent attendees to publicly distance themselves from Dialog cofounder Peter Thiel.

New York Times columnist Ezra Klein and actor Joseph Gordon-Levitt confirmed their past attendance but stated they had no interactions with Thiel.

Actress Sophia Bush also addressed her participation, criticizing the organization's founder.

The ongoing fallout highlights the significant privacy risks posed by basic digital negligence within networks that connect global elites.