What the hell is DOGE doing on US government IT systems? (Whistleblower report) (1 Viewer)

[superchuck500]

This appears like its going to need a thread of its own: there have now been multiple whistleblower reports about what DOGE is doing (and not doing) on federal information systems. We still don't know what they have been installing or why - and there has been zero transparency about it from day 1.

 

[Dragon]

Denmark has a centralized master database system, but the way DoGE's is implemented—if you can even call it official—feels more like a "Musk project": ambitious, flashy, and worryingly short on basic security features.

While all personal data is technically anonymized, identifying a specific individual still requires accessing a separate, tightly controlled identity database. Every lookup is logged, and the person making the request must state a valid reason. These requests are investigated and verified. Though there have been some cases of unauthorized access, they are usually caught quickly, and those responsible face serious legal consequences, including long prison sentences.

As a citizen, I can at any time request a full report showing who has accessed my data—when, what kind of data, and why. In most cases, it's routine: my doctor reviewing test results, the social services confirming my retirement status, or the tax office preparing my annual tax return.

 

[MT15]

Denmark has a centralized master database system, but the way DoGE's is implemented—if you can even call it official—feels more like a "Musk project": ambitious, flashy, and worryingly short on basic security features.

While all personal data is technically anonymized, identifying a specific individual still requires accessing a separate, tightly controlled identity database. Every lookup is logged, and the person making the request must state a valid reason. These requests are investigated and verified. Though there have been some cases of unauthorized access, they are usually caught quickly, and those responsible face serious legal consequences, including long prison sentences.

As a citizen, I can at any time request a full report showing who has accessed my data—when, what kind of data, and why. In most cases, it's routine: my doctor reviewing test results, the social services confirming my retirement status, or the tax office preparing my annual tax return.

They’re doing the opposite of all that. They intend to use this database for outright surveillance. They say they will use it to locate undocumented immigrants, but if anyone believes that is the only use for it they are being dangerously naive. They are doing it with zero transparency, ignoring or outright disabling safety protocols.

 

[Sendai]

I asked you several pointed questions about their using illegal methods and ignoring safety protocols. There is credible evidence they have either been hacked by Russia or they are working with Russia. You have ignored all of that evidence.

I had thought you might see the issues with a master data base system. Especially since they haven’t really evidenced any clear competency, rather quite the opposite with their many errors.

Are you comfortable with what they are doing

You asked this

“

I would love to get Sendai to comment on this. Are these still the guys who “catch rockets”?

Does he still think they are looking for waste fraud and abuse?

Not several pointed questions.

Not comfortable with a whole lot of what’s going on. I just don’t constantly carry on about it.

And if you think the government is protecting your data from China, Russia, etc al. then you are the one who is naive.

And it’s a good bet the system will be used to follow the money.

 

[J-DONK]

You asked this

“


Not several pointed questions.

Not comfortable with a whole lot of what’s going on. I just don’t constantly carry on about it.

And if you think the government is protecting your data from China, Russia, etc al. then you are the one who is naive.

And it’s a good bet the system will be used to follow the money.

Is your age accurate? It's interesting to see a 74 year old man trying to talk about info sec.

The government is the top dog when it comes to info sec.

NSA, and CISA are it. Thats who tech bro's go to when they get hacked by China, and need to figure out how to harden their infra.

The safest place for your data has always been the federal government.

You.have.no.idea.what.you.are.talking.about.

 

[RobF]

You asked this

“


Not several pointed questions.

What?

Are you having short-term memory problems, or deliberately trolling?

@MT15 asked you:

Why no transparency?

Why are they breaking laws set up for safe handling of data?

Why not follow established safety protocols?

Why leave a threatening note on the whistleblower’s home with pictures of him being surveilled by a drone?

Why did multiple log-in attempts from Russia occur within 15 minutes of DOGE being issued log-in credentials? Using the newly created user names and passwords?

How do you know any of the data bases need to be updated?

Why would consolidating all these disparate data bases be a good idea?

That certainly qualifies as 'several pointed questions'. And you think you can, apparently, just pretend that @MT15 didn't post anything at all inbetween the initial post and stating "I asked you several pointed questions" even though you quoted and replied to the posts with the pointed questions???

I continue to be baffled as to why some people want to spend their free time posting on a political forum in order to achieve nothing but destroying their own credibility.

 

[Sendai]

What?

Are you having short-term memory problems, or deliberately trolling?

@MT15 asked you:









That certainly qualifies as 'several pointed questions'. And you think you can, apparently, just pretend that @MT15 didn't post anything at all inbetween the initial post and stating "I asked you several pointed questions" even though you quoted and replied to the posts with the pointed questions???

I continue to be baffled as to why some people want to spend their free time posting on a political forum in order to achieve nothing but destroying their own credibility.

“I would love to get Sendai to comment on this. Are these still the guys who “catch rockets”?

Does he still think they are looking for waste fraud and abuse?”

This is the question I was responding to.

 

[Sendai]

Is your age accurate? It's interesting to see a 74 year old man trying to talk about info sec.

The government is the top dog when it comes to info sec.

NSA, and CISA are it. Thats who tech bro's go to when they get hacked by China, and need to figure out how to harden their infra.

The safest place for your data has always been the federal government.

You.have.no.idea.what.you.are.talking.about.

“Almost half of federal government agencies have had their data security breached, according to a recent survey of security and IT management professionals. While that’s a sobering number, it’s also not surprising, given that these organizations are prized targets for cybercriminals and rogue nation-states.”

“
The scope of data threat problems for federal agencies cannot be overstated. As noted above, about half (49%) of federal agencies and organizations have been breached. On the plus side, the number of organizations reporting a recent breach in the last 12 months has dropped from 47% in 2021 to 13% in 2024. This reduction is the result of a combination of factors, including directives such as:

• The White House EO 14028 on Improving the Nation’s Cybersecurity
• The National Cybersecurity Strategy and Implementation Plan
• National Security Memorandum 8

The government is not taking data threats lightly, including with continuing heavy investment in cybersecurity. The federal fiscal 2025 budget request includes approximately $13 billion for civilian cybersecurity-related activities.

Despite these efforts, the cyberattack landscape is growing quickly. Nine out of 10 federal organizations (93%) have experienced an increase in attacks — specifically in the areas of malware, phishing and ransomware.”

New federal data threats demand new mitigation technologies

Gina Scinta, the deputy CTO at Thales Trusted Cyber Technologies, says new survey data provides insights for how agencies better secure data and networks.

federalnewsnetwork.com

We are improving.

 

[cuddlemonkey]

“I would love to get Sendai to comment on this. Are these still the guys who “catch rockets”?

Does he still think they are looking for waste fraud and abuse?”

This is the question I was responding to.

And then she asked you a series of questions you completely ignored. Why did you respond to the post containing those questions without actually addressing them?

 

[Dragon]

“Almost half of federal government agencies have had their data security breached, according to a recent survey of security and IT management professionals. While that’s a sobering number, it’s also not surprising, given that these organizations are prized targets for cybercriminals and rogue nation-states.”

“
The scope of data threat problems for federal agencies cannot be overstated. As noted above, about half (49%) of federal agencies and organizations have been breached. On the plus side, the number of organizations reporting a recent breach in the last 12 months has dropped from 47% in 2021 to 13% in 2024. This reduction is the result of a combination of factors, including directives such as:

• The White House EO 14028 on Improving the Nation’s Cybersecurity
• The National Cybersecurity Strategy and Implementation Plan
• National Security Memorandum 8

The government is not taking data threats lightly, including with continuing heavy investment in cybersecurity. The federal fiscal 2025 budget request includes approximately $13 billion for civilian cybersecurity-related activities.

Despite these efforts, the cyberattack landscape is growing quickly. Nine out of 10 federal organizations (93%) have experienced an increase in attacks — specifically in the areas of malware, phishing and ransomware.”

New federal data threats demand new mitigation technologies

Gina Scinta, the deputy CTO at Thales Trusted Cyber Technologies, says new survey data provides insights for how agencies better secure data and networks.

federalnewsnetwork.com

We are improving.

So the numbers increased during Trump’s first presidency, and then dropped under Biden—before Trump and Musk started meddling again. I can’t help but wonder what those numbers will look like in a year—if they’re even being honest about it.


I worked in IT security for the Danish government for two years, in the agency responsible for assigning Social Security Numbers to every newborn and legal resident. Based on that experience, everything I hear about DOGE completely breaks every rule in the book when it comes to data security. The way they’re handling things over there wouldn’t just get you fired—it could easily land you in jail.

 

[RobF]

And then she asked you a series of questions you completely ignored. Why did you respond to the post containing those questions without actually addressing them?

They genuinely appear to be ignoring those posts and any references to them and hoping no-one notices.

That in itself speaks volumes; sometimes the only way to maintain an incoherent and false view of reality is to just ignore everything that exposes it as such

 

[bird]

“Almost half of federal government agencies have had their data security breached, according to a recent survey of security and IT management professionals. While that’s a sobering number, it’s also not surprising, given that these organizations are prized targets for cybercriminals and rogue nation-states.”

“
The scope of data threat problems for federal agencies cannot be overstated. As noted above, about half (49%) of federal agencies and organizations have been breached. On the plus side, the number of organizations reporting a recent breach in the last 12 months has dropped from 47% in 2021 to 13% in 2024. This reduction is the result of a combination of factors, including directives such as:

• The White House EO 14028 on Improving the Nation’s Cybersecurity
• The National Cybersecurity Strategy and Implementation Plan
• National Security Memorandum 8

The government is not taking data threats lightly, including with continuing heavy investment in cybersecurity. The federal fiscal 2025 budget request includes approximately $13 billion for civilian cybersecurity-related activities.

Despite these efforts, the cyberattack landscape is growing quickly. Nine out of 10 federal organizations (93%) have experienced an increase in attacks — specifically in the areas of malware, phishing and ransomware.”

New federal data threats demand new mitigation technologies

Gina Scinta, the deputy CTO at Thales Trusted Cyber Technologies, says new survey data provides insights for how agencies better secure data and networks.

federalnewsnetwork.com

We are improving.

No, we are not.

 

[MT15]

“I would love to get Sendai to comment on this. Are these still the guys who “catch rockets”?

Does he still think they are looking for waste fraud and abuse?”

This is the question I was responding to.

And because your response was wholly inadequate I asked several follow up questions. I know you saw them. You apparently would rather not answer those questions.

 

[Sendai]

I asked you several pointed questions about their using illegal methods and ignoring safety protocols. There is credible evidence they have either been hacked by Russia or they are working with Russia. You have ignored all of that evidence.

I had thought you might see the issues with a master data base system. Especially since they haven’t really evidenced any clear competency, rather quite the opposite with their many errors.

Are you comfortable with what they are doing?

I simply read a tirade by you that didn’t seem worth effort. I have no idea what’s legal, or whether they are violating safety protocols, etc. As I said, it appears they are building a modern data base sourced from antique legacy systems and letting the legacy systems continue to do their jobs. And I suspect the intent of the data base is to follow the money.

 

[MT15]

We are improving.

No, that’s an inaccurate characterization of what is happening. The article is discussing the year 2024, when we did improve. I don’t think any rational person could make the claim that we have seen anything but deterioration since Trump and Musk got involved.

Here’s an AI overview of what Musk has done to cybersecurity so far. Add this stuff to the recent whistleblower account that security systems were disabled by DOGE and that passwords and user names issued to them were immediately compromised by foreign state actors, and this administration’s known and proven cyber idiocy and you cannot seriously think our cybersecurity hasn’t suffered under DOGE and Trump.

“Several government cybersecurity programs have faced cuts in funding or staffing, including programs at the Cybersecurity and Infrastructure Security Agency (CISA). Key initiatives like the Common Vulnerabilities and Exposures (CVE) database, and programs supporting state and local election officials have been affected. Concerns have been raised about the impact of these cuts on the nation's ability to mitigate cyber threats.

Here's a more detailed look at the cuts:


1. CISA Job Cuts:

• CISA, the agency responsible for federal cybersecurity, has experienced a wave of job cuts.
• These cuts are part of a broader effort by the Department of Homeland Security (DHS) to reduce its workforce.
• Some sources suggest the agency is aiming to reduce its workforce by 1,300 employees.
• The Stakeholder Engagement Division, responsible for information sharing and partnerships, is expected to be significantly impacted.
• These cuts have been criticized as detrimental to the nation's cybersecurity capabilities, especially given the rising threat landscape.
  

2. Funding Cuts to ISACs:

• CISA has ended funding for two ISACs (Information Sharing and Analysis Centers) operated by the Center for Internet Security (CIS).
  
  
• These included the Elections Infrastructure ISAC (EI-ISAC), which focused on election security, and the Multi-State ISAC (MS-ISAC), which supported state and local governments.
  
  
• The EI-ISAC has effectively been shut down, and the MS-ISAC is at risk of losing significant support.
  
  
• The funding cuts have been criticized as potentially weakening the nation's cybersecurity posture, especially for state and local governments.
  

3. CVE Program Funding:

• The US government funding for the CVE (Common Vulnerabilities and Exposures) Program, which maintains a database of software vulnerabilities, was set to expire.
• This program is crucial for informing security patches and incident responses.
• CISA took steps to extend the contract and avoid a break in service, according to a statement on Forbes.
  

4. Department of Government Efficiency (DOGE):

• The DOGE, a newly established agency within the Trump administration, has been involved in eliminating or reducing federal contracts and government programs.
• This has led to cuts in various areas, including cybersecurity programs.
• Critics have raised concerns about the impact of DOGE's actions on national cybersecurity.”

 

[MT15]

I simply read a tirade by you that didn’t seem worth effort. I have no idea what’s legal, or whether they are violating safety protocols, etc. As I said, it appears they are building a modern data base sourced from antique legacy systems and letting the legacy systems continue to do their jobs. And I suspect the intent of the data base is to follow the money.

Follow what money? Are you still clinging to the belief that there is massive fraud that DOGE is going to uncover? They’re not looking for fraud. They’re looking to install a surveillance state that they control, from all indications.

Also, nice job smearing me yet again. Yes, I get good and pissed off when people like Trump and Musk try to destroy my government and my country. I’m not the type to sit around and make excuses for evil people doing bad things. You do you though.

It isn’t me saying they are ignoring safety protocols and breaking laws. We have sworn testimony from a whistleblower. Why is it so easy for you to dismiss what is actually happening for your pie-in-the-sky view that these guys are all totally on the level? We have so much evidence of bad intentions by now, plus the total secrecy and constant lies also speak to bad intentions.

I’m really curious about this - why is it so important to you to dismiss all the evidence of ill intent and illegal activity? Do the ends justify the means to you? Sure seems like it.

 

[cuddlemonkey]

I simply read a tirade by you that didn’t seem worth effort. I have no idea what’s legal, or whether they are violating safety protocols, etc. As I said, it appears they are building a modern data base sourced from antique legacy systems and letting the legacy systems continue to do their jobs. And I suspect the intent of the data base is to follow the money.

Your complete lack of curiosity, honesty, and desire for accountability is noted.

 

[fooferdoggie]

No, that’s an inaccurate characterization of what is happening. The article is discussing the year 2024, when we did improve. I don’t think any rational person could make the claim that we have seen anything but deterioration since Trump and Musk got involved.

you missed how they will no longer monitor Russia for security.
also they will no longer go after crypto scams.

 

[J-DONK]

“Almost half of federal government agencies have had their data security breached, according to a recent survey of security and IT management professionals. While that’s a sobering number, it’s also not surprising, given that these organizations are prized targets for cybercriminals and rogue nation-states.”

“
The scope of data threat problems for federal agencies cannot be overstated. As noted above, about half (49%) of federal agencies and organizations have been breached. On the plus side, the number of organizations reporting a recent breach in the last 12 months has dropped from 47% in 2021 to 13% in 2024. This reduction is the result of a combination of factors, including directives such as:

• The White House EO 14028 on Improving the Nation’s Cybersecurity
• The National Cybersecurity Strategy and Implementation Plan
• National Security Memorandum 8

The government is not taking data threats lightly, including with continuing heavy investment in cybersecurity. The federal fiscal 2025 budget request includes approximately $13 billion for civilian cybersecurity-related activities.

Despite these efforts, the cyberattack landscape is growing quickly. Nine out of 10 federal organizations (93%) have experienced an increase in attacks — specifically in the areas of malware, phishing and ransomware.”

New federal data threats demand new mitigation technologies

Gina Scinta, the deputy CTO at Thales Trusted Cyber Technologies, says new survey data provides insights for how agencies better secure data and networks.

federalnewsnetwork.com

We are improving.

You have no idea what you are talking about. You need stop googling crap to try to back your opinion. Go lookup up with the CISA, NSA, and FBI do for corporations that get hacked, and the guidance they give.

I have no idea why you replied to me.

Nation state hacking is always extremely hard for corporations to negate. Elon Musk is not it. You sound like an idiot.