Whistleblower reports terrible things due to DOGE

echo123 writes: NLRB employee Daniel Berulis reports on CNN that within 15 minutes of DOGE staff receiving new accounts with access to highly sensitive Department of Labor (DoL) data, someone within Russia logged in with the correct username and password over 20 times, but were rejected by location-related conditional access policies. Additionally a traffic spike of 10Gb of data exiting DoL was witnessed which is highly unusual activity at anytime.

Also, DOGE is using Starlink to exfiltrate data, and Starlink is known to be hacked by Russia.

He also reports this activity is not limited to the DoL, it has been witnessed across the government I.T. infrastructure, and that sensitive databases have recently been exposed to the open internet.

Daniel Berulis also received a clear message to stop looking. Part of the package he received included drone footage of him walking his dog.

Fast forward to 4min 15seconds if you're in a hurry.

= = =

Via Reuters

Berulis alleged in the affidavit that there are attempted logins to NLRB systems from an IP address in Russia in the days after DOGE accessed the systems. He told Reuters Tuesday that the attempted logins apparently included correct username and password combinations but were rejected by location-related conditional access policies.

Berulis' affidavit said that an effort by him and his colleague to formally investigate and alert the Cybersecurity and Infrastructure Security Agency (CISA) was disrupted by higher-ups without explanation.

As he and his colleagues prepared to pass information they'd gathered to CISA he received a threatening note taped to the door of his home with photographs of him walking in his neighborhood taken via drone, Andrew Bakaj, Whistleblower Aid's chief legal counsel, said in his submission to Cotton and Warner.

"Unlike any other time previously, there is this fear to speak out because of reprisal," Berulis told Reuters. "We're seeing data that is traditionally safeguarded with the highest standards in the United States government being taken and the people that do try to stop it from happening, the people that are saying no, they're being removed one by one."

via NPR

The top Democrat on the House Oversight Committee is calling for an investigation into DOGE's access to the National Labor Relations Board following exclusive NPR reporting on sensitive data being removed from the agency.

Ranking Member Gerry Connolly, D-Va., sent a letter Tuesday to acting Inspector General at the Department of Labor Luiz Santos and Ruth Blevins, inspector general at the NLRB, expressing concern that DOGE "may be engaged in technological malfeasance and illegal activity."

"According to NPR and whistleblower disclosures obtained by Committee Democrats, individuals associated with DOGE have attempted to exfiltrate and alter data while also using high-level systems access to remove sensitive information—quite possibly including corporate secrets and details of union activities," Connolly wrote in a letter first shared with NPR. "I also understand that these individuals have attempted to conceal their activities, obstruct oversight, and shield themselves from accountability."

This post went from red to blue very fast

[echo123]

This firehose submission was modded from red to blue in about 40 minutes. To my surprise. ~echo123

Re:

[echo123]

Not long after my last post, my submission went green and stayed that way until I checked just now and its blue again. That's interesting, and worth noting.

Re:

[davidwr]

I've seen that "starts high, drops through the rainbow to blue over a few hours" behavior with some of my posts as well. Maybe it's a "high karma early boost with a decay factor" bonus??? That's just a guess.

In any case, you are back to red now.

Re:

[sysrammer]

What is this "red, green, blue" of which you speak?

--
Posted from my monochrome monitor

Re:

[echo123]

What is this "red, green, blue" of which you speak?

--
Posted from my monochrome monitor

In order to see the current rating color of the slashdot submission, one must be using a desktop web browser. Slashdot's mobile display is not Responsive as are most websites in 2025. Slashdot renders two different ways.

Under the submission title and to the left of, "submitted by USERNAME" is a beaker icon that changes color, depending on the submissions rated popularity. Here's the HTML for the current red color*:

[span] class="icon-beaker pop1 " alt="Popularity" title="Filter Firehose to entries rated red

Re:

[sysrammer]

Got it. See it. Many thanks. And yeah mobile sucks so I rarely use it.

Re:

[echo123]

I've seen that "starts high, drops through the rainbow to blue over a few hours" behavior with some of my posts as well. Maybe it's a "high karma early boost with a decay factor" bonus??? That's just a guess.

In any case, you are back to red now.

Just a wild guess through observation with no proof, but it seems possible certain accounts, (of which seem to be finite), worked to bury my submission initially, and since then it has slowly and legitimately worked its way back up to being legitimately popular and not firehose spam.

ArsTechnica

[echo123]

More details

https://arstechnica.com/tech-p... [arstechnica.com]

PBS NewsHour

[echo123]

NLRB whistleblower claims Musk's DOGE potentially caused significant security breach [youtube.com]