Trump Mobile, a phone company launched by Donald Trump's family business, is investigating a potential security flaw on its website that may have exposed the personal details of an estimated 27,000 people who sought to purchase a gold-colored smartphone. The company confirmed that names, addresses, and phone numbers of individuals who filled out preorder forms appeared to be accessible.
Investigation Underway
In a statement, Trump Mobile said it is investigating the issue with the assistance of independent cybersecurity professionals. The company noted that there is no evidence of a direct compromise of its systems, infrastructure, or network. The investigation remains ongoing.
“Based on the available information, we have not identified evidence that Trump Mobile’s systems, infrastructure, or network were directly compromised,” the company said in response to questions from the Guardian. “At this time, the incident does not appear to involve Trump Mobile payment card information, banking information, Social Security numbers, call records, text messages, or other highly sensitive financial data. The impacted information appears to be limited to certain customer details, including names, email addresses, mailing addresses, order identifiers and mobile phone numbers.”
Additional Safeguards
Trump Mobile stated that additional safeguards and monitoring measures are now in place, and it is evaluating any applicable notification obligations. Customers are advised to remain vigilant for suspicious emails, calls, or text messages regarding their orders. The company emphasized that it will not ask customers to provide payment information, passwords, or other sensitive data through unsolicited communications.
The discovery of the security flaw coincides with Trump Mobile beginning to distribute its bespoke T1 smartphones after an almost 10-month delay. The company reversed its initial promise to manufacture the phones in the United States.
Discovery by Programmer
An Australian programmer with nearly 20 years of IT experience, who requested anonymity for fear of personal attacks, told the Guardian that they accidentally discovered the security flaws on the site and reported them to Trump Mobile. Jonathan Soma, a programmer and professor at Columbia University, reviewed the code uncovered by the Australian. Soma noted that the website used a common e-commerce model where each potential order added a “1” to a list, which had reached 27,224 possible preorders. However, he explained that the code reflected the last step before payment, meaning that individuals who abandoned their carts without completing the purchase were also recorded. Thus, the actual number of preorders is likely lower.
“I probably started three phone purchases and didn’t buy any of them,” Soma said.
Background of Trump Mobile
The security vulnerability comes nearly a year after the Trump Organization launched the cellular service and smartphone product in June 2025, coinciding with the 10-year anniversary of Donald Trump’s presidential campaign launch. At that time, Trump’s sons Eric and Donald Jr. announced plans for a “sleek, gold smartphone” that would be “proudly designed and built in the US for customers who expect the best from their mobile carrier.” The Trump Mobile website now states that the phones are “designed with American values in mind.”
Last week, CEO Pat O’Brien said the first T1 phones were assembled in the US and would use components “primarily manufactured” locally. O’Brien declined to confirm the number of preorders but told USA Today that Trump Mobile was “incredibly pleased” with the interest. He confirmed that T1 phones are now being shipped to customers.
