The breach was discovered after Kelly reported functional glitches to White House tech support over the summer. It's still unclear when the initial infection occurred, although the glitches had persisted for months. The infection was further described in a memo circulated by White House staff in September.
Notably, the compromised phone was Kelly's personal device, rather than the secure phone issued by the government. The White House told Politico that Kelly rarely used the device since joining the administration, although even occasional use could have exposed sensitive government information to attackers.
It's a reminder of the danger of high-level government officials using consumer devices, an issue that also caused problems for President Trump in the early days of his administration. For weeks after the inauguration, the president tweeted from a Galaxy S3, a model that had not received a software update in over a year. It's unclear whether the phone itself was ever compromised, but it would have been a tempting target for foreign intelligence agencies. Twitter metadata shows Trump has stopped using the phone for more recent tweets.