While the visible side of the administration appears to be floundering, new stories suggest that the less visible side—the “Department of Government Efficiency”—has dug into U.S. data in alarming ways.
On April 15, Jenna McLaughlin of NPR reported on an official whistleblower disclosure that as soon as members of the “Department of Government Efficiency” (DOGE) arrived at the National Labor Relations Board (NLRB), they appeared to be hacking into secure data. While they claimed to be looking for places to cut costs, the behavior of the DOGE team suggested something else was going on. They demanded the highest level of access, tried to hide their activities in the system, turned off monitoring tools, and then manually deleted the record of their tracks, all behaviors that cybersecurity experts told McLaughlin sounded like “what criminal or state-sponsored hackers might do.”
Staffers noticed that an IP address in Russia was trying to log in to the system using a newly created DOGE account with correct username and password, and later saw that a large amount of sensitive data was leaving the agency. Cybersecurity experts identified that spike as a sign of a breach in the system, creating the potential for that data to be sold, stolen, or used to hurt companies, while the head of DOGE himself could use the information for his own businesses. “All of this is alarming,” Russ Handorf, who worked in cybersecurity for the FBI, told McLaughlin. “If this was a publicly traded company, I would have to report this [breach] to the Securities and Exchange Commission.” When the whistleblower brought his concerns to someone at NLRB, he received threats.
“If he didn’t know the backstory, any [chief information security officer] worth his salt would look at network activity like this and assume it’s a nation-state attack from China or Russia,” Jake Braun, former acting principal deputy national cyber director at the White House, told McLaughlin.