Journalism in the Public Interest

How To Leak To ProPublica

We’re investigative journalists devoted to exposing abuse of power. If you’ve got evidence showing powerful people doing the wrong thing, here’s how to let us know while protecting your identity.

David Sleight/ProPublica

This story has been updated to include the latest information on Signal and our expanded beats in 2017.

Our job is to hold people and institutions accountable. And it requires evidence. Documents are a crucial part of that. We are always on the lookout for them — especially, now.

Have you seen something that troubles you or that you think should be a story? Do you have a tip about something we should be investigating? Do you have documents or other materials that we should see? We want to hear from you.

Here is what we are covering now.

Below are a few ways to contact us or send us documents and other materials, safely, securely and anonymously as possible.

Our general tips address is To contact specific reporters, here is our staff list, which links to each of our bios and email addresses. Of course, email is convenient, but if your information is sensitive, there are better options.

Encrypted Communications

Many ProPublica staffers use the free Signal app (iPhoneAndroid) to send and receive encrypted messages and phone calls. That means that messages and calls are scrambled, so that it’s extremely difficult for others to eavesdrop on them.

Using Signal requires both parties to share cellphone numbers with each other. Although Signal prompts users to enter their contacts into their address book, we suggest instead that people use Signal's option to type in a journalists' phone number and not enter the journalist into their contacts. (Thank you, Signal, for listening to us and adding that feature for iPhone users!) For some situations, it might even be better to use a separate phone for Signal communications.

Some of our staff also use an encrypted email program called PGP (sometimes referred to as “GPG”). It takes a bit of time to set up but allows you to send us scrambled messages that cannot be read by email providers, hackers, and other parties that may get access to your email.

You can read more about email encryption here, and learn how to set it up on Windows or on a Mac.

One important caveat: PGP only protects the message body of your email. Metadata — information about who you are communicating with and when — is not protected and can be seen by anyone with access to your email. (Like a mailed envelope, this unprotected information is used by email providers to make sure your message gets sent to the right place.) If your identity is sensitive, consider using a new, anonymous email address in combination with PGP, or try one of our other options.

  • Julia Angwin (PGP key: 0xC664D201) and Jeff Larson (PGP key: 0x54119264) report on digital privacy, surveillance, and the role of algorithms in society.
  • Jesse Eisinger, who covers business in the age of Trump, with a focus on conflicts of interest. can be reached on Signal at 718-496-5233.
  • Justin Elliott (PGP key: 0x2C353E48), who reports on labor, can be reached on Signal at 774-826-6240.
  • Robert Faturechi, who reports on money in politics, sends and receives encrypted messages on Signal at 213-271-7217.
  • Ryan Gabrielson, who reports on the justice system, can be reached on Signal at 917-455-1713.
  • Derek Kravitz, the contributing research editor at ProPublica, is compiling documents and data on President Trump. He can be reached on Signal at 573-239-7440.
  • Cezary Podkul, who covers the intersection of Wall Street and the new Trump administration, sends and receives encrypted messages on Signal at 646-943-1146.
  • Megan Rose (formerly McCloskey), who covers the military, veterans, and criminal justice, can be reached on Signal at 202-805-4865.
  • A.C. Thompson, who reports on hate crimes and extremist groups, can be reached on Signal at 347-563-8121.
  • Mike Tigas (PGP key: 0x6E0E9923) works on digital privacy tools and workshops, and manages our SecureDrop and Tor onion site.
  • Heather Vogell and Annie Waldman (PGP key: 0xE8F41874) report on all things education (from K-12 to higher ed). Both can be reached on Signal: Heather at 404-270-0303 and Annie at 347-549-0332.

The Low-Tech, but Secure Option: Postal Mail

Postal mail is an excellent, easy way to reach ProPublica securely. U.S. postal mail without a return address is one of the most secure ways to communicate — authorities would need a warrant to intercept and open it in transit.

Don’t use your company or agency mailroom to send something to us. Mail your package or envelope from an unfamiliar sidewalk box instead of going to a post office. You can mail us paper materials or digital files on, for example, a thumb drive. Our mailing address is:

155 Avenue of the Americas
13th Floor
New York, NY 10013-1507

If you can identify a reporter you want to reach, it’s worth noting that on the outside or inside of your package or envelope. You can also simply address it to ProPublica.

Super Hi-Tech, Time-Consuming but Maximum Security: SecureDrop

ProPublica uses a system called SecureDrop so you can share information and files with us with maximum security — far more than is possible with conventional email or other electronic means. Used properly, SecureDrop allows you to correspond with us in a way that shields your identity even from us.

Our SecureDrop server is only accessible using Tor, a special browser that masks information about your internet connection and the computer you are using. Although you need to download special software to connect to ProPublica's SecureDrop server, it can be as easy to use as a normal web browser.

Here's how to contact us using SecureDrop:

  • Visit and follow the directions to download and install Tor.
  • Launch the Tor Browser.
  • In the Tor Browser, copy and paste the following into its address bar: http://pubdrop4dw6rk3aq.onion/
  • Follow the instructions on that website to send us files and messages.
  • When you use the site, you will get a code name, which is your login for SecureDrop. You can come back and log in with this code name to submit more information; you can also log in from time to time to see if we have sent a response to you.

When using SecureDrop, we will not record your IP address or information about your browser, computer or operating system.

If you seek maximum confidentiality, do not submit material using the network at your home or work. If you can, use public WiFi, such as at a coffee shop. You can also boot your computer from a USB key containing TAILS, a secure operating system which does not leave any trace of your TAILS activity on the computer you are using; TAILS also comes with a copy of the Tor Browser. (More information on TAILS can be found here.)

Tor is designed to hide your IP address and seeks to make it very difficult for anybody to determine who is sending the files. However, be on your guard and know who might be watching you. We want you to be safe and to understand the risks you face before you send us anything. And if you’re using Tor, you can also read ProPublica more anonymously by using our “onion site” version.

blog comments powered by Disqus