A cybersecurity specialist with the U.S. National Labor Relations Board is saying that technologist with Elon Musk’s cost-cutting DOGE group may have caused a security breach after illegally removing sensitive data from the agency’s servers and trying to cover their tracks.
In a lengthy testimonial sent to the Senate Intelligence Committee and made public this week, Daniel Berulis said in sworn whistleblower complaint that soon after the workers with President Trump’s DOGE (Department of Government Efficiency) came into the NLRB’s offices in early March, he and other tech pros with the agency noticed the presence of software tools similar to what cybercriminals use to evade detection in agency systems that disabled monitoring and other security features used to detect and block threats.
The testimony was sent to Senator Tom Cotton (R-AR), chairman of the committee, and Senator Mark Warner (D-VA), the panel’s vice chairman.
For example, one such tool generated IP addresses for web scraping and brute-force operations, he said. At one time, Berulis saw that controls used to prevent insecure or unauthorized mobile devices from logging into the agency’s cloud tenant were disabled in Microsoft’s Azure Purview. The DOGE crew also deleted access logs.
Because of such measures, Berulis and others were unable to track who was accessing the data or where the data was going, though he could see that vast amounts of data were being moved.
At one point, he said, he...
A Guatemalan national residing in the U.S. illegally has been indicted for his alleged role in smuggling a 14-year-old girl into the country. Juan Tiul Xi, 26, was indicted on Thursday for alleged...