Whistleblower details how DOGE may have taken sensitive NLRB data
npr.org1109 points by rbanffy 5 days ago
1109 points by rbanffy 5 days ago
This part is really damning: a real efficiency audit might need a lot of access to look for signs of hidden activity, but they’d never need to hide traces of what they did:
> Meanwhile, according to the disclosure and records of internal communications, members of the DOGE team asked that their activities not be logged on the system and then appeared to try to cover their tracks behind them, turning off monitoring tools and manually deleting records of their access — evasive behavior that several cybersecurity experts interviewed by NPR compared to what criminal or state-sponsored hackers might do.
The subsequent message about Russian activity could be a coincidence–Internet background noise-but given how these are not very technically skilled and are moving very fast in systems they don’t understand, I’d be completely unsurprised to learn that they unintentionally left something exposed or that one of them has been compromised.
> This part is really damning: a real efficiency audit
There were already people auditing departments, but they got fired early on:
* https://en.wikipedia.org/wiki/Inspector_general#United_State...
* https://en.wikipedia.org/wiki/2025_dismissals_of_inspectors_...
There's even an entire agency devoted to auditing:
* https://en.wikipedia.org/wiki/Government_Accountability_Offi...
Trying to find efficiency by bringing in the private sector is not a new thing:
* https://en.wikipedia.org/wiki/Grace_Commission
* https://en.wikipedia.org/wiki/Brownlow_Committee
* https://en.wikipedia.org/wiki/Hoover_Commission
* https://en.wikipedia.org/wiki/National_Partnership_for_Reinv...
[flagged]
> But bringing in the mob sector? Is that new?
No. But getting rid of cronyism/nepotism did happen at one point:
* https://en.wikipedia.org/wiki/Civil_service_reform_in_the_Un...
Not entirely, though under rather different circumstances: https://en.wikipedia.org/wiki/Operation_Underworld
> The subsequent message about Russian activity could be a coincidence–Internet background noise
These weren't random login attempts. It says the Russian login attempts had the correct login credentials of newly created accounts.
If the article is correct, the accounts were created and then shortly afterward the correct credentials were used to attempt a login from a Russian source.
That's a huge issue if true. Could be that someone's laptop is compromised.
It certainly needs a full investigation but I don’t want to presume the results. It wouldn’t be the first time some tool reported a wildly incorrect location for an IP address and the focus should be on DOGE breaking a number of federal laws and doing things which no legitimate auditor ever needs to do.
The login attempt was made by someone 115 years old, receiving social security payments and living in Russia.
> That's a huge issue if true. Could be that someone's laptop is compromised.
Or perhaps someone got invited to the wrong group chat again.
No need to have your laptop compromised if your just hand over the information...
Is it really a compromise if the opps (or should I say: "opps") are deliberately welcomed in with open arms? Granting Russians access here wouldn't even crack the top 10 gifts this administration has given to Putin in the last month.
Reminder that Trump wanted the US to partner with a foreign country to protect American elections (!?) and the country he wanted to help "secure" fair elections was the Russian dictatorship. (!!)
https://www.politico.com/story/2018/07/16/trump-putin-russia...
>A real efficiency audit might need a lot of access to look for signs of hidden activity, but they’d never need to hide traces of what they did
In fact I would imagine they would do exactly the opposite because they would look at the mere ability to hide what they did as an audit finding.
"The new bank-manager has hired some friends of his to improve the security of the bank vault."
"We already have an audit from last year, we just need the funding to improv--"
"Oh, and they want to turn off all the security cameras next weekend. You'll know it's them because they'll be wearing masks."
"Sir, we have a responsibility to our customers, we can't ju--"
"Do it or you're fired."
monday morning:
manager: "the auditors found all of our money missing"
::silence::
manager: "they are clearly doing an amazing job, and you are all fired for allowing such fraud waste and abuse"
The use of DNS tunneling and skirting logs makes my head spin. Even if justification of exfiltrating 10GB of sensitive data could be made, there's widely available means of doing so that aren't the methods of state-sponsored hackers and the like.
"DNS tunneling" (abnormal number of DNS requests) actually might be caused by a software that doesn't use DNS cache. I was once banned by 8.8.8.8 (Google's DNS server) for sending too many requests because youtube-dl was making a DNS request for each tiny segment of a video (and there were thousands of them).
Well, maybe one shouldn't be using Google DNS server when violating ToU to download Google's video.
But an abnormal number of DNS requests AND recorded outbound data totaling 10GB, with no other obvious indication of a less-subversive means of data transfer? I'd be very surprised if youtube-dl could come close to even 10MB of DNS requests at its chattiest
So NLRB handles confidential complaints. The complainant's idenity might be kept confidential. Exact details may be kept confidential.
Why aren't we to believe that this is Elon Musk going after anyone filing a complaint to the NLRB (from X, Twitter or SpaceX) or, worse yet (from Elon's POV), anyone potentially organizing any unionization effort?
There's absolutely no reason DOGE should have access to this information. There's absolutely no reason their activity, such as what information they accessed, should be hidden.
Everything's going to have to be replaced and it's going to be hugely expensive. But that's not going to happen until at least 2029 - plenty of time for bad actors to get settled in and cause real damage.
[flagged]
Oh, there will be elections. After all, even USSR and Russia had/have elections of all kinds.
Out of curiosity, since you appear to be very certain of this, what are you doing personally to deal with this? Are you leaving the country, moving into the hills, building a bunker, etc? I don't mean to sound antagonistic or anything, I genuinely would like to know.
Not OP but of the same persuasion. Personally, I’m working on emigration plans. I don’t really want to live in an authoritarian state. And if I ever have kids, there’s no way I’d want to raise them in this environment.
I should point out, though, that authoritarianism doesn’t necessarily mean that QOL drops for the average person (if you’re not part of a targeted group). Many people live quite happily in Hungary, Turkey, Russia. Local government will chug along as before, stonks might still go up. But you have to internalize a certain resignation over things you can no longer change or talk about, unless you wish to become a dissident and put yourself in danger. I’m not brave enough for that, so I’m opting out of the whole thing.
You're not at all wrong, but you've successfully described my entire life living in the US as a citizen born here. For that whole time we've incarcerated an absurd percentage of the world's prison population. I watched the crackdown on the Seattle WTO protests and Rodney King on the evening news.
Perhaps the defining feature of the modern nation state is a monopoly on violence and power. Been that way my whole life.
Any immigrant to the US that doesn't look like the right kind of immigrant, whether citizen or not, should be making plans and moving money.
I'm making plans and moving money already.
Not OP, but I'm seeking foreign citizenship through prior family history as a mechanism for legally escaping the US should it come to that.
not OP: not sure. I'm in California so things can go crazy for a whole other litany of reasons if any single claim of Newsom starts to blossom. It's going to be a crazy ride if no one cheecks Trump early enough.
I'm waiting it out for now. I'm "close" enough to communte to Los Angeles, but otherwise on the outskirts of the county as a whole. It's a weird place for any federal service to go out of their way to exploit.
Legit inquiry, do you think Trump will last to 2028? I personally don't, but it can go all sorts of ways.
As an aside, I also consider a civil war as "not making it". Having to wage war on the people you lead is fundamentally a failure of all systems.
Yes. The only way Trump is ousted is if Democrats somehow get a supermajority in the House and the Senate and impeach and remove him, which isn't going to happen. Republicans will always close ranks around Trump at this point. He definitely won't leave office peacefully, if at all. What happens after that, I don't know.
Trump's health is a big open question, though.
But even if Trump is out of the picture, that just means we'll get president Vance, which is likely to be even worse.
Not even close. The whole Republican party is lock step with everything DT says. Not a single member of Congress will oppose him. DT pushes through all kinds of things that they don't want, eg. RFK is a lifelong granola Democrat with wildly unpopular opinions but every single Republican confirmed him.
Nobody else in the party has this kind of power. Not JD, not Desantis, not the Koch brothers, nobody. When he's gone, it's over.
Trump didn't always have this kind of power; he acquired it. Why do you think it's impossible for another person - especially one that is effectively "officially anointed" as successor by Trump himself - to step into his shoes?
Right now this is impossible because Trump sucks all the air out of the room. But with him gone, I don't see any reason why all those people who voted for him will suddenly not vote for the closest similar candidate, and that voting block is really where his power comes from.
And looking at history, cults of personality often survive replacement of the figure around which they are built - examples are numerous in various dictatorships, just look at North Korea for one that is still ongoing.
Trump was given the power by some invisible forces who have been working for decades to develop plans to destroy the US.
Trump is simultaneously a blunt force tool to destroy our institutions while also being a political wizard that always know exactly how to spin things and is completely impervious to pressure and stress.
I think those background forces know after trump there will not be anyone like him. Which is exactly why everything is being destroyed at such a rapid pace. Their opportunity is short and they are maximizing it. Things will look very different post trump