Whistleblower details how DOGE may have taken sensitive NLRB data
414 comments
·April 15, 2025acdha
throw0101c
> This part is really damning: a real efficiency audit
There were already people auditing departments, but they got fired early on:
* https://en.wikipedia.org/wiki/Inspector_general#United_State...
* https://en.wikipedia.org/wiki/2025_dismissals_of_inspectors_...
There's even an entire agency devoted to auditing:
* https://en.wikipedia.org/wiki/Government_Accountability_Offi...
Trying to find efficiency by bringing in the private sector is not a new thing:
* https://en.wikipedia.org/wiki/Grace_Commission
* https://en.wikipedia.org/wiki/Brownlow_Committee
* https://en.wikipedia.org/wiki/Hoover_Commission
* https://en.wikipedia.org/wiki/National_Partnership_for_Reinv...
actionfromafar
But bringing in the mob sector? Is that new?
throw0101d
> But bringing in the mob sector? Is that new?
No. But getting rid of cronyism/nepotism did happen at one point:
* https://en.wikipedia.org/wiki/Civil_service_reform_in_the_Un...
rsynnott
Not entirely, though under rather different circumstances: https://en.wikipedia.org/wiki/Operation_Underworld
asciii
We let the word PayPal Mafia get to their head
Aurornis
> The subsequent message about Russian activity could be a coincidence–Internet background noise
These weren't random login attempts. It says the Russian login attempts had the correct login credentials of newly created accounts.
If the article is correct, the accounts were created and then shortly afterward the correct credentials were used to attempt a login from a Russian source.
That's a huge issue if true. Could be that someone's laptop is compromised.
acdha
It certainly needs a full investigation but I don’t want to presume the results. It wouldn’t be the first time some tool reported a wildly incorrect location for an IP address and the focus should be on DOGE breaking a number of federal laws and doing things which no legitimate auditor ever needs to do.
not_kurt_godel
Is it really a compromise if the opps (or should I say: "opps") are deliberately welcomed in with open arms? Granting Russians access here wouldn't even crack the top 10 gifts this administration has given to Putin in the last month.
avs733
>A real efficiency audit might need a lot of access to look for signs of hidden activity, but they’d never need to hide traces of what they did
In fact I would imagine they would do exactly the opposite because they would look at the mere ability to hide what they did as an audit finding.
freejazz
It also contradicts the idea that they are acting transparently.
z3c0
The use of DNS tunneling and skirting logs makes my head spin. Even if justification of exfiltrating 10GB of sensitive data could be made, there's widely available means of doing so that aren't the methods of state-sponsored hackers and the like.
ndsipa_pomu
> criminal or state-sponsored hackers
It looks to be both
tjpnz
Everything's going to have to be replaced and it's going to be hugely expensive. But that's not going to happen until at least 2029 - plenty of time for bad actors to get settled in and cause real damage.
c-linkage
[flagged]
geoka9
Oh, there will be elections. After all, even USSR and Russia had/have elections of all kinds.
setsewerd
Out of curiosity, since you appear to be very certain of this, what are you doing personally to deal with this? Are you leaving the country, moving into the hills, building a bunker, etc? I don't mean to sound antagonistic or anything, I genuinely would like to know.
johnnyanmac
Legit inquiry, do you think Trump will last to 2028? I personally don't, but it can go all sorts of ways.
As an aside, I also consider a civil war as "not making it". Having to wage war on the people you lead is fundamentally a failure of all systems.
aftbit
Do you honestly believe there have ever been _fair_ elections in America? Do you honestly believe there will not be at least _some_ kind of election in 2028? Even if it's staged, form must be respected.
Applejinx
Compromised implies they're not the Russian team to start with. I'd be looking for one of them to lose nerve and betray that ALL of them are the Russian team.
theteapot
> ... DOGE employees demanded the highest level of access ... When an IT staffer suggested a streamlined process to activate those accounts in a way that would let their activities be tracked, in accordance with NLRB security policies, the IT staffers were told to stay out of DOGE's way, the disclosure continues.
But did they actually "turn off logging"?? How do you even do that? Anyone know what access control system they are talking about?
jonnycomputer
I think we should be trying to understand what NxGenBdoorExtract is. NxGen is a system for NLRB. Bdoor is pretty evocative of a back door. He took he git offline or made it private. I can't find it on archive.org.
jonnycomputer
On the other hand, there are two things about that screenshot of the repo which is a little weird. First, the timestamp of that repo is cutoff, but, the items seem to be in reverse chronological order, which would put that repo sometime in 2021-ish, or before.
The owner could, of course, just make it public again, or put it back up, and end all the speculation.
snypher
Or who has access to DogeSA_2d5c3e0446f9@nlrb.microsoft.com?
https://oversightdemocrats.house.gov/sites/evo-subsites/demo...
tlogan
The unfortunate reality is that a half of the US population sees the NLRB as a burden on small businesses—primarily because its policies shift frequently, making compliance costly and complex for those without deep legal resources. [1]
And the same half of the population do not trust anything what npr.org says.
Understanding the above dynamic is key to grasping the current state of discourse in the U.S.
[1] https://edworkforce.house.gov/news/documentsingle.aspx?Docum...
the_doctah
[flagged]
axus
Some may claim that NPR is retaliating for getting defunded for the next 2 years.
null
brendoelfrendo
An odd claim, since NPR getting defunded is itself a retaliation from the current administration for not reporting positively enough about Trump.
null
axus
Oh yeah I'm predicting a claim will be made I disagree with. But I can imagine the mental gymnastics, post a prediction and watch for the outcome.
Usually there's a shakedown, did Trump ever make NPR an offer they "couldn't" refuse?
softwaredoug
Some context as I understand it is DOGE employees are all temporary gov't employees whose employment expires (in June?). Assuming they follow the law there (big If), then they scramble around these agencies with tremendous urgency trying to please Elon (or the powers that be?).
And they absolutely should be resisted with this deadline in mind...
tootie
They are using heavy-handed tactics. Per this article, the whistleblower was threatened. At the SSA, a 26-year veteran was dragged out of the building. Similar story at the IRS. DOGE has the backing of US Marshalls and the president. They can resist, but they'll just end up locked out.
bilekas
This isn't really a shock to me, but what's more frustrating I guess is that absolutely nothing will come of this. I have zero confidence any of this will even be cleaned up, just the same ranting about "fake news".
Really feels like the fox is already in the coop.
DrNosferatu
The “young and inexperienced” staffers narrative is very convenient to perform target operations on (specially) sensitive data.
jonnycomputer
And what is NxGenBdoorExtract?
pnutjam
This checks out because all those DOGE hires appear to be hackers, and they are now state sponsored. Most of them could never pass a basic background check, much less a TS or even public trust from one of the more invasive Federal agencies.
flanked-evergl
cite?
ceejayoz
https://www.reuters.com/world/us/doge-staffer-big-balls-prov...
> The best-known member of Elon Musk's U.S. DOGE Service team of technologists once provided support to a cybercrime gang that bragged about trafficking in stolen data and cyberstalking an FBI agent, according to digital records reviewed by Reuters.
flanked-evergl
[flagged]
campuscodi
DOGE staff are just behaving like a foreign cyber-espionage group at this point
ck2
That backdoor code is going to lurk for decades.
Not only will Musk be able to tap into it for years but foreign governments.
bilbo0s
This is the real problem, and the reason we never should have allowed access to sensitive government and societal data in this fashion.
null
the_doctah
Pure ridiculous conjecture.
tyrrvk
This coupled with the hot mike incident yesterday where Trump was saying how El Salvador needed to build more mega prisons for the "home grown..terrorists" is beyond concerning. Sure sounds like DOGE is compiling lists of 'less desirable s' that will soon be swept off the streets in unmarked vans. America has turned fully fascist.
the_doctah
[flagged]
dekhn
slippery slope isn't a fallacy, and we're discussing matters that can't be directly analyzed using purely logical arguments.
daveguy
Nah. It's getting pretty blatant, comrade.
This part is really damning: a real efficiency audit might need a lot of access to look for signs of hidden activity, but they’d never need to hide traces of what they did:
> Meanwhile, according to the disclosure and records of internal communications, members of the DOGE team asked that their activities not be logged on the system and then appeared to try to cover their tracks behind them, turning off monitoring tools and manually deleting records of their access — evasive behavior that several cybersecurity experts interviewed by NPR compared to what criminal or state-sponsored hackers might do.
The subsequent message about Russian activity could be a coincidence–Internet background noise-but given how these are not very technically skilled and are moving very fast in systems they don’t understand, I’d be completely unsurprised to learn that they unintentionally left something exposed or that one of them has been compromised.