from Hacker News

Payments crisis of 2025: Not “read only” access anymore

by shinryuu on 2/4/25, 3:05 PM with 654 comments

  • by taylodl on 2/4/25, 3:09 PM

    This isn't a payments crisis; this is an auditing crisis. There's no way to ensure proper accounting procedures are being followed. At this point, Congress' continued inaction is bordering on criminal.

  • by malfist on 2/4/25, 3:14 PM

    Is anyone not concerned by this? Paying the bills due is not a political issue, making payroll is not a political issue.

    Elected or unelected, politicians with an agenda should not be in charge here.

  • by resters on 2/4/25, 3:23 PM

    Everyone from Elon to Luigi want to just "burn it down". They see no benefit in following democratic processes to achieve the desired ends.

    I used to respect Elon for risking a lot of his own capital on new ventures. But now he's turned into a socially conservative internet troll.

  • by HumblyTossed on 2/4/25, 9:06 PM

    There's a logical fallacy in believing simply because Elon has had some success in business, he can have success here.

  • by erentz on 2/4/25, 6:44 PM

    So I just found this a few pages down at rank 129, where its ended up in only 3 hours, despite garnering 250 points in that time. That's abnormal for such a popular post. What gives?

  • by spacemanspiff01 on 2/4/25, 10:44 PM

    So to me this seems like an issue, set aside the constitutional/legal issues.

    It sounds like, from the reporting, one person is modifying a large complex system that handles trillions of dollars and pushing directly to production.

    Also he is not familiar with the system, having first encountered it a week ago.

    Also the people who do normally have access to this system do not know what he is exactly doing, because normally, it is illegal for them to even access the system in the same way.

  • by belter on 2/4/25, 5:17 PM

    This a list of the data these SpaceX bros might now have on their drives, for every single US citizen:

    - Tax Return Info: Name, SSN, address, income, deductions, payments/refunds.

    - Enforcement Records: Audit trails, payment plans, liens/levies.

    - Federal payments (e.g., tax refunds, Social Security), direct deposit info, delinquent debt details.

    - Accounts for U.S. Treasury securities (personal data, account activity).

    - Sanctions Enforcement: Basic identifiers (name, address), transaction details for compliance checks.

    - Financial Crime Data: Suspicious Activity Reports (SARs), Currency Transaction Reports (CTRs), limited personal/transaction info tied to money laundering or terrorist financing investigations.

    - Investigative files related to Treasury programs (potentially includes personal data).

  • by yalogin on 2/4/25, 8:48 PM

    Weird that the first instinct of his is to eliminate all aid local and international. No mention of looking at the military spending. I guess cutting elsewhere will help funnel that into spacex and whatever ai insanity musk comes up with to "serve the government"

  • by flaminHotSpeedo on 2/4/25, 3:39 PM

    This coming from the same people who shut OPM employees out of an HR database, citing (legitimate) security and oversight concerns, because they had broad un-auditable access.

    How can this department turn around and do this and still maintain they're doing the right thing? By their own admission they know this a bad idea

  • by polotics on 2/4/25, 4:52 PM

    Just asking for a friend. Are CIA and NSA salaries being paid by the systems that are being fraudited right now? Does this extend to payments to intermediaries inclusive of foreign intermediaries / banks?

  • by samsk on 2/4/25, 10:11 PM

    Oh, can't wait for the article on Medium on how they rewrote that old COBOL thing in React Native and NodeJS in 3 days and saved bilions (by not delivering them).

  • by macawfish on 2/4/25, 5:07 PM

    Maybe hasty de-dollarization is the plan of this organization literally named after a cryptocurrency?

  • by mikewarot on 2/5/25, 1:20 AM

    I worry/wonder how strong the public hunger for blood in the streets would become if they accidentally delay or otherwise modify more than a handful of Social Security payments. This is as close to juggling chainsaws as anyone can get.

    Elon doesn't have a strong track record of getting things right the first time.

  • by bbor on 2/4/25, 3:14 PM

    Where were you when the empire fell? I was at my computer, trying not to cry...

  • by skepticATX on 2/4/25, 3:13 PM

    Not a lawyer, but it would seem that Elon and Doge employees are exposing themselves up to significant legal liability here. Maybe Trump pardons Elon (if they don't fall out before then), but is he going to pardon everyone who has a hand in this? And it seems likely that state crimes are being committed as well. The president may have broad immunity, but Elon does not.

  • by 01HNNWZ0MV43FF on 2/4/25, 3:21 PM

    Blue no matter who. 2024, 2026, 2028. This was preventable

  • by hamburga on 2/4/25, 4:37 PM

    Why was this flagged?

  • by LorenDB on 2/4/25, 3:16 PM

    It's spelled "federal", not "fedaral".

  • by 1970-01-01 on 2/4/25, 9:54 PM

    >include the ability not just to read but to write code on two of the most sensitive systems in the US government.

    ...

    >All that is known is that Marko can “access and query” SPS and that there was someone who gave Marko a “tour” of the facilities. We do not know where they are in operationalizing any control. One senior IT source can see Mark retrieving “close to a thousand rows of data” but they can’t see the content because the system is “top secret” even to them. No source I have has knowledge of what DOGE is doing with the data they are retrieving.

    So the (d)evil remains hidden in every one of their details! What does 'write code' actually mean? A DB query? What exactly are these 'most sensitive' systems in the US government? A COBOL DB??

    Compare the backups.

    You DO have them off-site?

  • by TrackerFF on 2/5/25, 9:38 AM

    This should scare everyone in the US.

    The strategy here is:

    1) Trump issues some unconstitutional EO to abolish a federal department

    2) Musk and DOGE go to work

    3) Some federal judge blocks the EO

    4) Some acting lackey of Trump ignores the court order. DOGE continues to dismantle the department from within

    5) Even if the judge orders an arrests, no-one will enforce it

    6) Congress does nothing

    By the time anyone actually gets held accountable, the departments will have been pillaged and dismantled. DOJ and the AG will not go after anyone involved, Trump orders pre-emptive pardons for all involved in federal crimes.

  • by bbqfog on 2/4/25, 3:16 PM

    Musk already gained access to everyone's private Twitter data. He also gathers data from Tesla sensors. Now he has access to private citizen's federal data. Very dangerous for any private, unaccountable individual to have this level of access and especially someone as malicious as Musk.

  • by liontwist on 2/4/25, 10:27 PM

    Many reasonable and civil comments I and others made earlier today are being flagged. Whats going on?

  • by cratermoon on 2/4/25, 4:15 PM

    I sure hope none of the systems the DOGE boys are recklessly accessing end up having some dangerous malware like StuxNet on them that ends up disabling or destroying the DOGE systems.

  • by code_for_monkey on 2/4/25, 3:28 PM

    total financial control by 5 20 years who've never written anything but Python, this should be great

    who tf downvoted this show yourself groyper

  • by unyttigfjelltol on 2/4/25, 9:09 PM

    So let me get this straight-- there is a box in a Treasury building that, if the janitor accidentally unplugs it-- immediate financial apocalypse and a fifth of the US economy "stops."

    Why isn't the very existence of this box the problem?

  • by astroid on 2/5/25, 1:15 AM

    Okay this is the third article I have seen posted on HN about this - and once again, it is just a circular mish-mash of anonymous second hand sources.

    These articles are all so circular I have resorted to asking CoPilot to analyze them and tell me what each source is, if they are 1st 2nd or 3rd party, and whether or not they are anonymous.

    In this article, the analysis came out with:

    Let's break down the claims and sources in this article:

    Crises Notes: Reports that the Trump-Musk Treasury payments crisis of 2025 involves the Department of Government Efficiency (DOGE) gaining access to the Treasury Department's payment system. The article mentions concerns about the potential for irreversible damage to the systems and the exposure of sensitive personal and financial information1. The sources are unnamed, and there is no direct evidence provided.

    CBS News: Reports that DOGE has access to the Bureau of the Fiscal Service, which disburses trillions in payments each year, including Social Security checks and federal salaries. The article mentions concerns from consumer advocates and Democratic lawmakers about the potential risks of this access2. The sources are unnamed, and there is no direct evidence provided.

    Truthout: Reports that labor unions and an advocacy group have sued the U.S. Treasury Department to halt DOGE's access to the critical government payment system. The article mentions concerns about the scale of the intrusion into individuals' privacy and the potential for unauthorized access to sensitive information3. The sources are unnamed, and there is no direct evidence provided.

    In summary, all the sources cited in the article are anonymous, and there are no first-party sources or direct evidence provided. This makes it difficult to verify the claims independently. The lack of named sources and concrete evidence raises questions about the credibility of the claims.

    Also, I will go ahead and paste my previous output from the other articles below (I'm going to post them as child comments so this isn't just a huge wall of text):

  • by archagon on 2/4/25, 4:11 PM

    > Overnight Wired reported that contrary to published reports that DOGE operatives at the Treasury Department are limited to ‘read only’ access to department payment systems, this is not true. A 25 year old DOGE operative named Marko Elez in fact has admin privileges on these critical systems which directly control and pay out roughly 95% of payments made by the US government including Social Security checks, tax refunds and virtually all contract payments. I can independently confirm these details based on going back to the weekend. I can further report that Elez not only has full access to these systems and has already made extensive changes to the code base for this critical payment system.

    > Josh, are you a little crestfallen they beat you to it? Well, sure but this is a business is an ocean of ‘arrgghhs’ and honestly the information being out is the big thing. Here are the additional details.

    > I’m told that Elez and possibly other DOGE operatives received full admin level access on Friday January 31st. The claim of ‘read only’ access was either false from the start or later fell through. The DOGE team, which appears to be mainly or only Elez for the purposes of this project, has already made extensive changes to the code base for the payment system. They have not locked out the existing programmer/engineering staff but have rather leaned on them for assistance which they appear to have painedly provided hoping to prevent as much damage as possible – ‘damage’ in the sense not of preventing the intended changes but avoiding crashes or a system-wide breakdown caused by rapidly pushing new code into production with a limited knowledge of the system and its dependencies across the federal government.

    > Phrases like “freaking out” are, not surprisingly, used to describe the reaction of the engineers who were responsible for maintaining the code base until a week ago. The changes that have been made all seem to relate to creating new paths to block payments and possibly leave less visibility into what has been blocked. I want to emphasize that the described changed are not being tested in a dev environment (i.e., not live) but have already been pushed into production. This is code that appears to be mainly the work of Elez who was first introduced to the system probably roughly a week ago and certainly not before the second Trump inauguration. The most recent information I have is that no payments have as yet been blocked and that the incumbent engineering team was able to convince Marko to push the code live to impact only a subset of the universe of payments the system controls. I have also heard no specific information about this access being used to drill down into the private financial or proprietary information of payment recipients, though it appears that the incumbent staff has only limited visibility into what Elez is doing with the access. They have however looked into extensively into the categories and identity of payees to see how certain payments can be blocked.

    https://www.democraticunderground.com/100219987126

  • by mandeepj on 2/4/25, 6:23 PM

    Musk got himself into this hole, so if a democrat president comes in 2029, there's a high chance now, he'd be deported. Can happen sooner as well, depending on midterms.

  • by treebeard901 on 2/5/25, 5:19 AM

    What if he's planning to replace the current systems with something that has a blockchain to more easily track payments?

    ...DogeCoin??

  • by gammarator on 2/4/25, 3:16 PM

    Serious question: is there anything other than their own scruples keeping these guys from siphoning off a few billion dollars for themselves?