Investigating Rumor Claiming Pete Hegseth Owned Russian Email Address
A rumor that several users circulated online in March 2025 claimed U.S. Secretary of Defense Pete Hegseth once owned the Russian email address phegseth@mail.ru. The Russian technology company VK owns (archived) the Mail.ru email-provider website, which is why the domain name extension .ru pertains to Russia.
The rumor involved several pieces of data, including a latest chapter in rumors about Trump's association with Russian interests, information and passwords provided in past data breaches, a Princeton University email address matching Hegseth's first initial and last name, and the details of a Mail.ru user agreement. As of this writing, we were unable to locate enough evidence to conclusively link the Russian email address to the defense secretary.
According to a White House spokesperson, "That is fake" when asked about the rumor. The Defense Department, Princeton University, and VK did not yet respond to emails asking various questions that might yield more facts.
New Development in the Controversy
According to Der Spiegel, "Now, reporting by DER SPIEGEL has found that the contact data of some of those officials, including mobile phone numbers, is freely accessible on the internet."
The Atlantic's Editor-in-Chief First Reported the News
The Atlantic's editor-in-chief, Jeffrey Goldberg, first reported the news of the Signal messages on March 24, after a member of the chat group accidentally added him to the highly-sensitive conversations.
Two days following its initial reporting, The Atlantic published the messages from the chat group after Hegseth and other Trump administration officials attempted to discredit both Goldberg and his reporting, and after attempts to downplay the sensitive nature of the exchanges.
Pekka Kallioniemi's Concerns
Pekka Kallioniemi, whom the the Finnish Ministry for Foreign Affairs appointed as a Digital Policy Specialist in 2019, made note (archived) of the data breach materials showing the matching passwords.
He wrote he believed Timofey V's new registration of the account indicated either that "the account was deleted by the owner or scrapped by the service," or that "the data itself is garbage, red herring, and it was added there by someone as a decoy."
The Observed Password Correlation
Assuming for a moment the authenticity of the 2016 data breach information, the observed password correlation potentially suggested an individual named P. Hegseth owned both email addresses at some point during or before 2016.
This purported association theoretically could have persisted until the Mail.ru account was either deleted by the user or terminated by the email provider, potentially due to inactivity or other reasons, enabling Timofey V to register the same email address in March 2025.
Mail.ru's User Agreement Policy
Aric Toler's Caution
Aric Toler, a reporter for The New York Times' visual investigations team, expressed caution about the rumor in a thread on X.
He posted (archived), in part, "Be a bit wary of these claims of Hegseth having a secret Russian email. I've ran into ghost mail.ru and rambler.ru accounts made with usernames and passwords previously found in data leaks."
Snopes' Attempt to Conduct an Experiment
Snopes attempted to conduct an experiment in creating a Mail.ru account, deleting it entirely and then attempting to create the same email address a second time.
However, Mail.ru failed to successfully delete the test account, even though the website displayed messages indicating a successful removal, thus not allowing us to complete the test.
Conclusion
This article will receive updates should any further correspondence or facts come our way. For further reading, we have also broken down the story about Trump administration officials using a Signal group chat that included Goldberg to discuss the strikes in Yemen.