Whistleblower Accuses DOGE of Data-Harvesting Cover Up

A federal whistleblower has accused Elon Musk’s cost-cutting task force of harvesting sensitive data from an independent labor agency while attempting to cover its tracks using methods resembling cybercriminal tactics.

See Also: New Attacks. Skyrocketing Costs. The True Cost of a Security Breach.

Staffers from the Department of Government Efficiency began accessing sensitive federal systems at the National Labor Relations Board shortly after arriving at agency headquarters in early March, raising concerns over the information they were seeking and their reasons for obtaining it. Federal agencies store vast troves of confidential data on American businesses and taxpayers, safeguarded by strict privacy laws and stringent security regulations designed to protect against unauthorized access or misuse.

DOGE staffers disregarded National Labor Relations Board security protocols by manually deleting access logs, disabling monitoring tools and actively attempting to hide their digital footprints, according to a whistleblower complaint shared with Congress and first reported Tuesday by NPR. The complaint further revealed the board’s employees first became suspicious after identifying unusual login attempts originating from a Russia-based IP address.

The White House – which did not respond to a request for comment – has publicly defended DOGE’s probes into federal data across government agencies, despite mounting legal battles and growing criticism from cybersecurity experts warning of increased vulnerabilities and the potential for exploitation. NLRB’s acting press secretary flatly denied the whistleblower complaint, saying that DOGE never received access and that an internal review “determined that no breach of agency systems occurred.”

Daniel Berulis, the whistleblower behind the NLRB complaint, told NPR he “can’t attest to what their end goal was or what they’re doing with the data” in the alleged access of agency systems.

“But I can tell you that the bits of the puzzle that I can quantify are scary,” he added. “This is a very bad picture we’re looking at.”

Berulis wrote in the complaint that colleagues told him DOGE staffers requested tenant-owner-level accounts on the agency’s computer systems, granting unrestricted permissions to view, copy and modify sensitive data. Agency IT staff were allegedly directed not to interfere, enabling DOGE employees to disable security controls designed to block unauthorized or unsecured mobile devices from accessing the systems.

Berulis also says he received a “threatening note” taped to his door that featured photos of him walking his dog that apparently had been taken by a drone.

Reports of DOGE staffers bypassing security protocols at multiple federal agencies have raised alarms among security analysts and current officials including Berulis who have begun detailing those incidents in complaints and court filings nationwide. David Ambrose, acting CISO at the Bureau of the Fiscal Service and a 19-year career civil servant, wrote in sworn testimony that a DOGE staffer sent an unencrypted database with personally identifiable information to two senior Trump administration officials (see: US DOGE Staffer Sent Unencrypted Treasury Data Over Email
).

According to Berulis’ complaint, the Russia-based IP address began attempting to log into NLRB’s systems minutes after DOGE gained access. He also said he tracked sensitive data leaving NLRB’s “nucleus,” a case management system within the agency’s computer system.

National Labor Relations Board is actively investigating several cases involving Musk’s companies, and Musk’s SpaceX has filed a lawsuit accusing the agency of overreach and challenging its constitutional authority. Musk, now a special adviser to the president, has pledged to recuse himself from related matters, but there’s no evidence he’s actually done so in cases involving his businesses or DOGE.