from Hacker News

Whistleblower: Doge came in, data went out, and Russians started to login

by HatchedLake721 on 4/18/25, 11:31 AM with 9 comments

• by casenmgreen on 4/18/25, 11:49 AM

  Just read of this on BSky.

  Has some of the protected disclosure document from the whistleblower.

  https://bsky.app/profile/mattjay.com/post/3ln2dgoksce2e

  Looks like Elon's staff went in and made a copy of everything - which in this case NLRB, so sensitive stuff, but any state department going to have a ton of sensitive stuff - and sent it who knows where; this after disabling all logging and a ton of security, presumably to try to cover their tracks.

  This is bad. These guys are looking like bad actors, with State-level authorization for access to everything.

  Also looks like they're kids and don't have the hang of security, and the professional Russian State run APTs have hacked them.

• by mooreds on 4/18/25, 11:58 AM

  The NPR story mentioned in the tweet at the bottom of this thread is discussed here: https://news.ycombinator.com/item?id=43691142

  But it doesn't dig as deep as this thread.

• by grakasja on 4/18/25, 3:15 PM

  Isn't an out-of-country rule relatively trivial to get around using a domestic proxy?

• by sigwinch on 4/18/25, 12:44 PM

  Watch carefully for the official who demands logins be permitted from outside the country.