from Hacker News

Government IT whistleblower calls out DOGE, says he was threatened at home

by sciurus on 4/16/25, 7:50 PM with 6 comments

  • by rawgabbit on 4/16/25, 8:26 PM

    The article has the link to the whistleblower report. https://whistlebloweraid.org/wp-content/uploads/2025/04/2025...

    In it, the whistleblower said DOGE demanded and got god access to the NLRB Azure instance. And they proceeded to turn several things off such as MFA for mobile devices. He also detected login attempts from Russia using DOGE credentials. He apparently took screenshots using his phone’s camera including the powershell commands (similar to CURL) to invoke packages from GitHub.

  • by insane_dreamer on 4/17/25, 5:08 AM

    If you're doing an actual efficiency audit, you are not doing half of what is reported here.

    And then after they launched a formal review of the breaches:

    > But on April 3 or 4, the assistant CIO "and I were informed that instructions had come down to drop the US-CERT reporting and investigation and we were directed not to move forward or create an official report," Berulis wrote.

    It's truly shocking what the US Gov is letting DOGE get away with, with no oversight.

  • by inverted_flag on 4/16/25, 8:10 PM

    > Notably, within minutes of DOGE personnel creating user accounts in NLRB systems, on multiple occasions someone or something within Russia attempted to login using all of the valid credentials (e.g. Usernames/Passwords)

    Looks like they actually were compromised like many people suspected given their poor security practices.

  • by quantified on 4/16/25, 8:35 PM

    > Bakaj said they notified law enforcement about an "absolutely disturbing" threat Berulis received on April 7. Someone "taped a threatening note to Mr. Berulis' home door with photographs—taken via a drone—of him walking in his neighborhood," Bakaj wrote. "The threatening note made clear reference to this very disclosure he was preparing for you, as the proper oversight authority. While we do not know specifically who did this, we can only speculate that it involved someone with the ability to access NLRB systems."

    Elon Musk is now overseeing threats on Federal employees. His fans must be thrilled.