Whistle blower IT Staffer Daniel Berulis identified DOGE staffers accessed National Labor Relations Board internal data, and then deleted the accounts they used to access that data.
There was a large, and exceptional exfiltration of NLRB data by one of those deleted accounts. DOGE has allowed STARLINK access to US Govt systems; the destination of this exfiltration was not able to be ascertained.
The DOGE staffers disabled core NLRB IT security systems that protected access including multifactor authentication (which requires an additional code, beyond a user name and password to login) and also opened a network interface that faces towards a public Internet; something that would allow exfiltration of data.
An IP address in Russia used one of DOGE accounts within FIFTEEN MINUTES of the account being created – the Russian “hacker” – or perhaps DOGE employee, living in Russia? …then had 20 login attempts before giving up. That person in Russia was using both a legitimate user name, and a valid password.
The NLRB also had a security policy that did not allow out of country logins. DOGE, intentionally, or through ignorance, did not disable that policy.
Was the Russian account user told that multifactor authentication was disabled, and therefor assumed the account could be logged in, and yet DOGE was simply not aware of the further security barrier, which prevented out of country logins?
It would seem likely that the login credentials were provisioned by DOGE to the user of the Russian account, with the attempt of allowing access. For a username and password to have been “guessed” within fifteen minutes of the account being created would be very unlikely, if not impossible.
The Whistle-blower Daniel Berulis was threatened with a nasty, menacing note, attached to his home address, including a photo of him walking his dog taken by a drone – telling him to desist with his reports. This is the first time that a US Govt whistle-blower has received such a threat.
Full interview and transcript of PBS News’s interview of Daniel Berulis is available here
