The bullet that grazed Donald Trump's ear in Butler, Pennsylvania missed killing the President by less than an inch.
Secrets from that day are still being revealed.
What that agent did with his phone in the minutes before Crooks opened fire is the detail Washington has been sitting on.
Secret Service Personal Phone Use During Protective Operations Exposed Trump to Foreign Adversaries
The Department of Homeland Security's Inspector General released a bombshell report revealing that Secret Service agents routinely abandoned their government-issued phones for personal devices – not just overseas, not just occasionally, but during protective operations on American soil.
Government-issued phones were so unreliable that agents resorted to personal iPhones to do their jobs – sending photos, joining group chats, staying connected in the field.
Investigators reviewed records and found more than 15,000 calls placed or received on personal phones during protective events, along with 24,000 texts exchanged between personal and government devices.
At Butler, a Secret Service employee got a picture from local law enforcement identifying Thomas Matthew Crooks as a threat – but it came in on a personal phone, because the agent's government-issued device couldn't receive it.
The employee had to forward the image by email because the standard communication chain had already broken down.
Crooks climbed onto a nearby rooftop and fired eight rounds at the President of the United States.
DHS Inspector General Report Reveals Butler Communication Failures Were Covered Up
The phone failure at Butler was not an accident. It was the result of years of institutional rot.
Inspector General Joseph Cuffari – a Trump appointee – told Congress in March that DHS leadership under former Secretary Kristi Noem had "systematically obstructed" his office's investigation into the Butler security failures in at least 11 separate instances.
His team was denied access to a highly compartmentalized intelligence program central to understanding what went wrong at Butler.
DHS also revoked their access to a database tracking employee security clearances – records the IG needed to follow the chain of responsibility.
Cuffari wrote to lawmakers that the obstruction was "particularly troubling given the other reported attempts on President Trump's life."
Republican Sen. Thom Tillis didn't hide his fury when Noem appeared before the Senate Judiciary Committee.
"Does anybody have any idea how bad it has to be for the OIG in this agency to come out and do this publicly?" Tillis said. "That is stonewalling, that's a failure of leadership, and that is why I've called for your resignation."
Trump fired Noem weeks later.
Secret Service Cybersecurity Failures at Butler Left Iran With a Clear Opening
At the time of the Butler assassination attempt, the United States had active intelligence about a separate Iranian plot to kill Donald Trump.
Iran has a documented history of deploying cyber tools to support assassination operations abroad.
A compromised agent phone hands adversaries exactly what they need – location data, contact lists, operational photos, real-time communications – to track a protectee and plan an attack.
The IG report said that adversaries "could have intercepted and exploited Secret Service information, placing at risk our Nation's leaders, other protectees, and employees."
That scenario is not theoretical. In 2018, a Mexican drug cartel hired a hacker to monitor an FBI official in Mexico City – pulling enough surveillance data from city camera systems to identify and murder potential informants.
The same method works against the Secret Service.
Agents returning from overseas assignments didn't wipe their devices, leaving months of location history, contacts, and communications sitting on phones that foreign intelligence services had every opportunity to access.
The OIG reviewed records from October 2022 through April 2025 and found the pattern was agency-wide – the Secret Service even reimbursed agents for personal phone use on international trips, treating the policy violation as standard operating procedure.
Director Sean Curran has now said the agency made "comprehensive enhancements" and that government phones can finally run commercial messaging apps like WhatsApp and Signal.
Whistleblowers flagged this problem for years before a bullet grazed the President's ear.
Nobody in Washington acted until it was almost too late.
Sources:
- "Secret Service's Deficient Mobile Device Management," Department of Homeland Security Office of Inspector General, OIG-26-09, June 26, 2026.
- "Secret Service Mobile Device Failures Exposed Protectees to Foreign Adversaries, Watchdog Finds," Washington Examiner, June 26, 2026.
- "Inspector General: Secret Service's Failure to Secure Mobile Devices Heightened Risk for U.S. Leaders," Breitbart News, June 27, 2026.
- "Grassley Report Concludes Secret Service Failure to Share Threat Information Allowed for Preventable Tragedy in Butler," Senate Judiciary Committee, July 12, 2025.
- Rusty Weiss, "Noem Saga Grows More Bizarre As IG Accuses DHS of Blocking Investigations, Including One Involving Butler," RedState, March 6, 2026.

