A significant cybersecurity lapse has brought to light the inner workings and membership of **Dialog**, an exclusive, invitation-only organization that convenes influential figures from US government, foreign governments, and Silicon Valley at off-the-record annual retreats. For two decades, Dialog has meticulously guarded its membership. However, a trove of internal records, including a directory embedded in the website's code and a registration list for its 2026 retreat, was left exposed online. ### The Discovery and Verification The initial discovery of a directory in the website's code was made by Swiss hacktivist **maia arson crimew**, known for previous exposures such as the US government’s **No Fly List** and the breach of surveillance-camera company **Verkada**. Crimew stated that an anonymous tip led to the discovery, which **WIRED** independently verified. Separately, **WIRED** obtained the registration list for Dialog's 2026 retreat, scheduled for August 12-16 near Dublin, Ireland. This list details 222 individuals, their membership status, and attendee type, including 'active member' and 'guest.' ### A Convergence of Power The leaked documents reveal an extraordinary roster of participants. Among those listed are: * **General Alexus Grynkewich**, NATO's Supreme Allied Commander Europe and head of US European Command, recorded as attending Dialog gatherings since 2021. * Sitting **Trump administration** officials. * Two US senators, including **Senator Ted Cruz**, chairman of the Commerce, Science, and Transportation Committee. * Six members of the **PayPal Mafia**. * A former Middle East chief of intelligence. * A sitting ambassador to the United States. * Founders and directors of major surveillance, data-broker, and advertising-data companies. Notably, these executives appear alongside senior US officials overseeing their respective industries. For instance, **Auren Hoffman**, Dialog’s chairman and founder of location-data broker **SafeGraph** and identity-resolution firm **LiveRamp**, is listed alongside Treasury Secretary **Scott Bessent**. **Palantir** cofounder **Joe Lonsdale**, whose software is used by US Immigration and Customs Enforcement and the Pentagon, is also listed alongside Army Secretary **Dan Driscoll** and Representative **Jim Himes**, ranking member of the House Intelligence Committee. ### Sensitive Personal Data Exposed The exposed data goes beyond mere attendance. It includes sensitive personal details such as participants' political leanings, which Dialog explicitly promised would *never* be shared. The organization even runs a matchmaking service at dating.dialog.org, and responses to questions like 'looking for love' were also compromised. For each participant, Dialog’s internal **Airtable** database logged membership status, retreat attendance history, a biography, home city, and a private access token. While **WIRED** has not published these tokens or personalized account links, their exposure highlights a critical security oversight. ### The 2026 Retreat and Future Predictions The 2026 retreat registration shows 87 first-time attendees out of 222. All registrants, including government officials, used personal or corporate email addresses, circumventing public-records laws. A recurring theme among registrants' predictions for the future is the transformative impact of **Artificial Intelligence**. Many foresee AI reordering work, war, education, and belief within years, predicting mass labor displacement, an 'AI winter,' domestic terrorism targeting data centers, and even religious revival. ### Lax Security Practices Despite the strict 'off-the-record' rules for discussions within the group, the same discipline did not extend to Dialog's digital infrastructure. The directory was directly embedded in the source code of dialog.org, accessible to any visitor. Furthermore, app.dialog.org presented an open sign-in screen for 'Dialog Global 2026' without terms of service, membership restrictions, or invitation requirements. This incident underscores the inherent risks even highly private organizations face when their digital security practices do not match their operational secrecy. The exposure of such a high-profile, sensitive dataset serves as a stark reminder for all organizations about the critical importance of robust cybersecurity measures.