Bad cybersecurity practices from Secret Service agents have left their phones vulnerable to hacking and risked the lives of senior US officials they are charged with protecting, according to a new inspector general report.

Foreign “adversaries” — a term that can encompass spies and terrorists — “could have intercepted and exploited Secret Service information, placing at risk our Nation’s leaders, other protectees, and employees,” said the report released Thursday by the Department of Homeland Security inspector general (IG).

The findings revive longstanding concerns about security practices at the Secret Service two years after the near-assassination of President Donald Trump in Butler, Pennsylvania, when insecure and faulty communications led to one of the biggest debacles in the agency’s recent history.

A big part of the problem is that Secret Service employes have frequently used their less-secure personal phones rather than their government phones while on protective missions, the new IG report found. Someone who hacks an agent’s personal phone could steal “mission-related data, including contacts, user history, geolocation, and photos” and then use that sensitive information to “plan attacks against protectees or Secret Service employees,” the inspector general concluded.