A Chilling Note and a Cloud of Suspicion
It’s the kind of morning Daniel Berulis will never forget. As he paused outside his office—coffee in one hand, laptop bag slung over his shoulder—a crisp, white envelope waited on his door. Inside? A single sheet with detailed personal information, plus aerial photos of him walking his dog, all apparently taken by drone. For Berulis, a cybersecurity specialist at the National Labor Relations Board (NLRB), the message was unmistakable: someone was watching, and they didn’t want him talking about what he’d just discovered—one of the most audacious government data breaches in recent history[1][2].
The events that followed would ripple through government corridors, spark political uproar, and leave tens of millions of Americans asking: “Is my data safe?”
Behind the Curtain: DOGE’s Sudden Rise
In the wake of Donald Trump’s second inauguration, the Department of Government Efficiency—known as DOGE—emerged, led by Elon Musk and tasked with rooting out waste and cutting costs across federal agencies[2]. In theory, it’s a classic Silicon Valley promise: smarter government through technology. But to many insiders, DOGE quickly became known for something else—a willingness to break norms, bypass oversight, and, according to multiple whistleblowers, endanger critical government data in its pursuit of efficiency[2][4].
Berulis wasn’t alone in his alarm. Charles Borges, chief data officer at the Social Security Administration, warned that DOGE uploads had exposed personal information of hundreds of millions to hacking and identity theft risks—potentially requiring every American to be issued a new Social Security number at enormous cost[4]. The revelations were staggering.
Anatomy of a Breach
In early March, Berulis and fellow NLRB tech staff noticed strange signs: unfamiliar software tools that disabled security systems, erased access logs, and allowed unusual amounts of data to move undetected out of the agency’s servers[2]. These weren’t mere tracking tools. They resembled the software used by cybercriminals to avoid detection, obscure their tracks, and “exfiltrate”—that is, steal—information from secure systems.
Then, things got weirder. Within minutes of DOGE’s access to NLRB systems, someone with a Russian IP address began to attempt logins—using brand new DOGE credentials and, somehow, the correct usernames and passwords[3]. These efforts, described by Berulis as “near real-time,” were blocked but sounded alarm bells. Was it an internal leak, foreign espionage, or something stranger?
Berulis reported seeing at least 10 gigabytes of data disappear—potentially far more, since sophisticated compression could hide the true scale[2]. For an agency where data rarely flows out, such a spike was “extremely unusual.”
Human Faces: The Cost of Lost Trust
Picture Angela Martinez, a fictional federal worker and single mom. She depends on Social Security and labor protections to care for her disabled child. One night, she gets an email from her banker: someone has tried to open a dozen credit cards in her name. Angela’s Social Security number, leaked in the shadowy breach, is everywhere. “I trusted the government to guard our lives,” she whispers. “But now I’m watching my whole identity slip away, in real time.”
For families like Angela’s, front-page headlines about government hacks aren’t just political theater—they are emergencies.
Breaking Norms: Orders from Above
According to Berulis’ testimony filed with the Senate Intelligence Committee, NLRB bosses instructed staff to not resist DOGE’s requests, hand over accounts, and stay out of the group’s way[2]. When Berulis raised the alarm, his concerns were quietly dismissed. Weeks later, his attempts to report the breach to US-CERT (a federal cybersecurity watchdog) were blocked by mysterious “instructions from above.” Expert statements from invented government analysts echoed the concern: “When investigative authority is cut off, there’s only so much we can do—and that’s deeply worrying,” said fictional cybersecurity analyst Dr. Teresa Caldwell.
The Aftermath: Lawsuits, Denials, and Fallout
Congress responded with outrage. Representative Gerald Connolly declared DOGE’s actions “technological malfeasance and illegal activity,” calling for urgent investigations at the Department of Labor and the NLRB[2]. Multiple lawsuits—filed by agency employees and advocacy groups—challenged DOGE’s sweeping access, sparking a bitter fight in Washington.
Official agency spokespeople denied wrongdoing, claiming internal reviews showed no breach, and that DOGE members never received data access[1][2]. But mounting evidence, whistleblower testimonies, and deleted logs left a trail that proved difficult to ignore.
What’s Next / Could It Happen Again?
The questions now echo far beyond Washington. Will future “efficiency missions” repeat these mistakes—or has the DOGE scandal become a turning point for how government defends its digital crown jewels? Experts warn that unless agencies reclaim oversight and transparency, next time, lives and livelihoods could be on the line.
The final question lingers:
If rapid, unchecked tech innovation can breach our most guarded systems, who is truly watching the watchers?
FAQ
-
What was the DOGE data breach?
DOGE, a government efficiency group led by Elon Musk, allegedly accessed and removed sensitive data from the NLRB and Social Security Administration, triggering whistleblower complaints, lawsuits, and Congressional investigations. -
How did DOGE bypass security controls?
According to whistleblowers, DOGE deployed hacker-like tools that erased logs, disabled monitoring, and enabled undetected data transfers[2]. -
Did foreign actors play a role?
Berulis’ testimony notes attempted logins from Russian IPs, using correct Doge credentials immediately after the breach began[2][3]. -
Who’s been affected by the DOGE data breach?
Potentially millions, especially those in Social Security databases, may be at risk of identity theft and fraud[4]. -
Can such a government data breach happen again?
Analysts warn that unless oversight and security improve, similar tech-driven breaches remain a real threat. -
What’s being done about the DOGE breach?
Congress, government agencies, and advocacy groups have launched investigations, while internal reviews and legal battles continue[2].