'This is very bad': Whistleblower reveals 'brazen' DOGE team looting sensitive labor data
A whistleblower has revealed that engineers with the Department of Government Efficiency had smuggled out highly sensitive data they had accessed from the National Labor Relations Board (NLRB).
The DOGE employees arrived at the agency's headquarters in early March and immediately reviewed its data to ostensibly to maximize efficiency and identify costs to cut, but whistleblower Dan Berulis told Congress that technical staff members believed their actions within those sensitive systems looked like what criminal or state-sponsored hackers might do, reported NPR.
“The amount of data that was taken is the equivalent to a section of the New York Public Library, and the amount of people it could impact is in the hundreds of millions,” Berulis said. “Our information systems appear to have been assaulted and someone with the capacity and mandate to investigate needs to do so.”
The DOGE team may have been granted access to sensitive information on unions, ongoing legal cases and corporate secrets – all of which labor law experts say should never leave the agency – and the employees working under Elon Musk asked that their activities not be logged on the system and apparently tried to cover their tracks.
ALSO READ: 'Retribution or bust’: 'Secretary of Retribution' joins J6 leaders to demand mass arrests
"I can't attest to what their end goal was or what they're doing with the data," Berulis told NPR. "But I can tell you that the bits of the puzzle that I can quantify are scary. ... This is a very bad picture we're looking at."
NLRB employees were concerned that confidential data could be exposed, especially after they detected suspicious log-in attempts from an IP address in Russia, the whistleblower told lawmakers, and the IT department began a formal review of what was determined to be a serious, ongoing security breach and the potential illegal removal of personally identifiable information.
“What is particularly alarming is that in addition to private data being exfiltrated out of NLRB systems – and within minutes of DOGE personnel creating service/user accounts in NLRB systems – someone or something within Russia appeared to attempt to login using all of the correct credentials (eg. Usernames/Passwords) on several occasions," said Andrew Bakaj, chief legal counsel for Whistleblower Aid. "This near real-time unlimited access by Russian actors heightens concerns to a level not previously seen and could have destroyed the agency’s entire infrastructure in a matter of minutes."
Berulis noticed suspicious DOGE activity almost immediately, and so did others, including journalist Roger Sollenberger, who posted on X last month that Massachusetts Institute of Technology graduate and DOGE engineer Jordan Wick had been sharing information about coding projects he was working on to a public account on the GitHub website that Berulis believes could have been a back door to NLRB's internal case management system.
"So when I saw this tool, I immediately panicked, just for lack of a better term," he said. "I kind of had a conniption and said, 'Whoa, whoa, whoa.'"
He immediately notified the rest of his team, who shared his concerns about DOGE's access to the internal system that hosts proprietary data from corporate competitors, personal information about union members or employees voting to join a union, and witness testimony in ongoing cases – all of which is protected by the Privacy Act and other federal laws.
"It definitely seems rather odd to name it that," said one of the engineers who built NxGen. "Or brazen, if you're not worried about consequences. The whole idea of removing logging and [getting] tenant-level access is the most disturbing part to me."
The IT team prepared a request for assistance from the Cybersecurity and Infrastructure Security Agency (CISA), but those efforts were disrupted without an explanation, and Berulis said he found a printed letter in an envelope taped to his door a short time later that included threatening language, sensitive personal information and overhead photos of him walking his dog
"If the underlying disclosure wasn't concerning enough, the targeted, physical intimidation and surveillance of my client is," Bakaj said. "If this is happening to Mr. Berulis, it is likely happening to others and brings our nation more in line with authoritarian regimes than with open and free democracies. It is time for everyone – and Congress in particular – to acknowledge the facts and stop our democracy, freedom, and liberties from slipping away, something that will take generations to repair."