A whistleblower revealed details of how Elon Musk's DOGE accessed the National Labor Relations Board's internal system and extracted confidential information, disabling monitoring tools and deleting traces, and causing a sudden increase in access from Russian IP addresses.
A whistleblower has revealed details of how Elon Musk's
Whistleblower details how DOGE may have taken sensitive NLRB data : NPR
https://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-musk-spacex-security
Federal employee alleges DOGE activity resulted in data breach at labor board
https://www.nbcnews.com/tech/security/federal-employee-alleges-doge-activity-resulted-data-breach-labor-boar-rcna201425
User with Russian IP address tried to log into NLRB systems following DOGE access, whistleblower says - Nextgov/FCW
https://www.nextgov.com/cybersecurity/2025/04/user-russian-ip-address-tried-log-nlrb-systems-following-doge-access-whistleblower-says/404574/
Whistleblower org says DOGE may have caused 'significant cyber breach' at US labor watchdog | Reuters
https://www.reuters.com/technology/cybersecurity/whistleblower-org-says-doge-may-have-caused-significant-cyber-breach-us-labor-2025-04-15/
In early March 2025, DOGE officials visited the NLRB headquarters to attempt to gain access to its internal systems to determine whether the NLRB was complying with Trump administration policies. The NLRB is a federal agency that investigates and adjudicates complaints about unfair labor practices, and it manages vast amounts of highly confidential information, ranging from confidential information about employees seeking to form unions to proprietary information about companies.
According to internal documents submitted to the U.S. Congress and the U.S. Office of Special Counsel by Daniel Berlis, a whistleblower working in the NLRB's IT department, DOGE officials may have stolen a large amount of confidential information from the NLRB's internal systems when they visited the NLRB's headquarters. After making the whistleblowing, Berlis leaked the information to NPR , a U.S. public radio station.
According to the whistleblower's official disclosures to Congress and other federal oversight agencies, interviews with the whistleblower, and internal communications obtained by NPR, NLRB technical staff became alarmed when they noticed the actions of 'DOGE engineers with authorized access to internal systems,' specifically, 'a sudden increase in data being sent from the NLRB's internal systems.' They suspected something strange was going on.
According to Berlis, the team found evidence of over 10GB of data being sent, which would be equivalent to the volume of an encyclopedia if all of the files were text.
The data that DOGE engineers were trying to send could have included confidential information related to labor unions, ongoing litigation, and trade secrets. According to a labor law expert who spoke to NPR, this data 'should never have been leaked from the NLRB and has nothing to do with government efficiency or spending reductions.' Berlis also said, 'It's extremely unusual for data to be leaked directly from the NLRB's database.'
The NLRB's internal communications also reveal that DOGE officials asked NLRB engineers to stop recording their activities in the system, then tried to cover their tracks by disabling monitoring tools and manually deleting records of their access.
In addition, several days after DOGE employees accessed the NLRB system, there were suspicious login attempts to the NLRB system from Russian IP addresses, and NLRB officials said that after they began to detect these attempts, they became increasingly concerned that confidential information might be leaked. Ultimately, the NLRB's IT department opened a formal investigation indicating a serious and ongoing security breach or possible unlawful deletion of personal information. Berlis also argues that the suspicious activity by DOGE employees merits further investigation by agencies with more resources, such as the Cybersecurity and Infrastructure Security Agency (CISA) or the Federal Bureau of Investigation (FBI).
Labor law experts interviewed by NPR expressed concern that if the NLRB's confidential information were leaked, it could be misused by private companies and others who are suing the NLRB, and it could also intimidate whistleblowers who might come forward about unfair labor practices and sow doubt about the NLRB's independence.
After Berlis filed the complaint, a threatening letter was posted to the door of his office, which contained his highly confidential personal information and a photo of him walking his dog, apparently taken by a drone.
Berlis' testimony is supported by internal documents and verified by 11 technical experts from other government agencies and the private sector.
Related Posts:
in Security, Posted by logu_ii