April 21, 2025

A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk’s Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured to leave few traces of network activity. The NLRB whistleblower said the unusually large data outflows coincided with multiple blocked login attempts from an Internet address in Russia that tried to use valid credentials for a newly-created DOGE user account.

The cover letter from Berulis’s whistleblower statement, sent to the leaders of the Senate Select Committee on Intelligence.

The allegations came in an April 14 letter to the Senate Select Committee on Intelligence, signed by Daniel J. Berulis, a 38-year-old security architect at the NLRB.

NPR, which was the first to report on Berulis’s whistleblower complaint, says NLRB is a small, independent federal agency that investigates and adjudicates complaints about unfair labor practices, and stores “reams of potentially sensitive data, from confidential information about employees who want to form unions to proprietary business information.”

The complaint documents a one-month period beginning March 3, during which DOGE officials reportedly demanded the creation of all-powerful “tenant admin” accounts in NLRB systems that were to be exempted from network logging activity that would otherwise keep a detailed record of all actions taken by those accounts.

Berulis said the new DOGE accounts had unrestricted permission to read, copy, and alter information contained in NLRB databases. The new accounts also could restrict log visibility, delay retention, route logs elsewhere, or even remove them entirely — top-tier user privileges that neither Berulis nor his boss possessed.

Berulis writes that on March 3, a black SUV accompanied by a police escort arrived at his building — the NLRB headquarters in Southeast Washington, D.C. The DOGE staffers did not speak with Berulis or anyone else in NLRB’s IT staff, but instead met with the agency leadership.

“Our acting chief information officer told us not to adhere to standard operating procedure with the DOGE account creation, and there was to be no logs or records made of the accounts created for DOGE employees, who required the highest level of access,” Berulis wrote of their instructions after that meeting.

“We have built in roles that auditors can use and have used extensively in the past but would not give the ability to make changes or access subsystems without approval,” he continued. “The suggestion that they use these accounts was not open to discussion.”

Berulis found that on March 3 one of the DOGE accounts created an opaque, virtual environment known as a “container,” which can be used to build and run programs or scripts without revealing its activities to the rest of the world. Berulis said the container caught his attention because he polled his colleagues and found none of them had ever used containers within the NLRB network.

Berulis said he also noticed that early the next morning — between approximately 3 a.m. and 4 a.m. EST on Tuesday, March 4 — there was a large increase in outgoing traffic from the agency. He said it took several days of investigating with his colleagues to determine that one of the new accounts had transferred approximately 10 gigabytes worth of data from the NLRB’s NxGen case management system.

Berulis said neither he nor his co-workers had the necessary network access rights to review which files were touched or transferred — or even where they went. But his complaint notes the NxGen database contains sensitive information on unions, ongoing legal cases, and corporate secrets.

“I also don’t know if the data was only 10gb in total or whether or not they were consolidated and compressed prior,” Berulis told the senators. “This opens up the possibility that even more data was exfiltrated. Regardless, that kind of spike is extremely unusual because data almost never directly leaves NLRB’s databases.”

Berulis said he and his colleagues grew even more alarmed when they noticed nearly two dozen login attempts from a Russian Internet address (83.149.30.186) that presented valid login credentials for a DOGE employee account — one that had been created just minutes earlier. Berulis said those attempts were all blocked thanks to rules in place that prohibit logins from non-U.S. locations.

“Whoever was attempting to log in was using one of the newly created accounts that were used in the other DOGE related activities and it appeared they had the correct username and password due to the authentication flow only stopping them due to our no-out-of-country logins policy activating,” Berulis wrote. “There were more than 20 such attempts, and what is particularly concerning is that many of these login attempts occurred within 15 minutes of the accounts being created by DOGE engineers.”

According to Berulis, the naming structure of one Microsoft user account connected to the suspicious activity suggested it had been created and later deleted for DOGE use in the NLRB’s cloud systems: “DogeSA_2d5c3e0446f9@nlrb.microsoft.com.” He also found other new Microsoft cloud administrator accounts with nonstandard usernames, including “Whitesox, Chicago M.” and “Dancehall, Jamaica R.”

A screenshot shared by Berulis showing the suspicious user accounts.

On March 5, Berulis documented that a large section of logs for recently created network resources were missing, and a network watcher in Microsoft Azure was set to the “off” state, meaning it was no longer collecting and recording data like it should have.

Berulis said he discovered someone had downloaded three external code libraries from GitHub that neither NLRB nor its contractors ever use. A “readme” file in one of the code bundles explained it was created to rotate connections through a large pool of cloud Internet addresses that serve “as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.” Brute force attacks involve automated login attempts that try many credential combinations in rapid sequence.

The complaint alleges that by March 17 it became clear the NLRB no longer had the resources or network access needed to fully investigate the odd activity from the DOGE accounts, and that on March 24, the agency’s associate chief information officer had agreed the matter should be reported to US-CERT. Operated by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), US-CERT provides on-site cyber incident response capabilities to federal and state agencies.

But Berulis said that between April 3 and 4, he and the associate CIO were informed that “instructions had come down to drop the US-CERT reporting and investigation and we were directed not to move forward or create an official report.” Berulis said it was at this point he decided to go public with his findings.

An email from Daniel Berulis to his colleagues dated March 28, referencing the unexplained traffic spike earlier in the month and the unauthorized changing of security controls for user accounts.

Tim Bearese, the NLRB’s acting press secretary, told NPR that DOGE neither requested nor received access to its systems, and that “the agency conducted an investigation after Berulis raised his concerns but ‘determined that no breach of agency systems occurred.’” The NLRB did not respond to questions from KrebsOnSecurity.

Nevertheless, Berulis has shared a number of supporting screenshots showing agency email discussions about the unexplained account activity attributed to the DOGE accounts, as well as NLRB security alerts from Microsoft about network anomalies observed during the timeframes described.

As CNN reported last month, the NLRB has been effectively hobbled since President Trump fired three board members, leaving the agency without the quorum it needs to function.

“Despite its limitations, the agency had become a thorn in the side of some of the richest and most powerful people in the nation — notably Elon Musk, Trump’s key supporter both financially and arguably politically,” CNN wrote.

Both Amazon and Musk’s SpaceX have been suing the NLRB over complaints the agency filed in disputes about workers’ rights and union organizing, arguing that the NLRB’s very existence is unconstitutional. On March 5, a U.S. appeals court unanimously rejected Musk’s claim that the NLRB’s structure somehow violates the Constitution.

Berulis shared screenshots with KrebsOnSecurity showing that on the day NPR published its story about his claims (April 14), the deputy CIO at NLRB sent an email stating that administrative control had been removed from all employee accounts. That meant none of the IT employees at the agency could suddenly do their jobs properly anymore, Berulis said.

An email from the NLRB’s associate chief information officer Eric Marks, notifying employees they will lose security administrator privileges.

Berulis shared a screenshot of an agency-wide email dated April 16 from NLRB director Lasharn Hamilton saying DOGE officials had requested a meeting, and reiterating claims that the agency had no prior “official” contact with any DOGE personnel. The message informed NLRB employees that two DOGE representatives would be detailed to the agency part-time for several months.

An email from the NLRB Director Lasharn Hamilton on April 16, stating that the agency previously had no contact with DOGE personnel.

Berulis told KrebsOnSecurity he was in the process of filing a support ticket with Microsoft to request more information about the DOGE accounts when his network administrator access was restricted. Now, he’s hoping lawmakers will ask Microsoft to provide more information about what really happened with the accounts.

“That would give us way more insight,” he said. “Microsoft has to be able to see the picture better than we can. That’s my goal, anyway.”

Berulis’s attorney told lawmakers that on April 7, while his client and legal team were preparing the whistleblower complaint, someone physically taped a threatening note to Mr. Berulis’s home door with photographs — taken via drone — of him walking in his neighborhood.

“The threatening note made clear reference to this very disclosure he was preparing for you, as the proper oversight authority,” reads a preface by Berulis’s attorney Andrew P. Bakaj. “While we do not know specifically who did this, we can only speculate that it involved someone with the ability to access NLRB systems.”

Berulis said the response from friends, colleagues and even the public has been largely supportive, and that he doesn’t regret his decision to come forward.

“I didn’t expect the letter on my door or the pushback from [agency] leaders,” he said. “If I had to do it over, would I do it again? Yes, because it wasn’t really even a choice the first time.”

For now, Mr. Berulis is taking some paid family leave from the NLRB. Which is just as well, he said, considering he was stripped of the tools needed to do his job at the agency.

“They came in and took full administrative control and locked everyone out, and said limited permission will be assigned on a need basis going forward,” Berulis said of the DOGE employees. “We can’t really do anything, so we’re literally getting paid to count ceiling tiles.”

Further reading: Berulis’s complaint (PDF).


83 thoughts on “Whistleblower: DOGE Siphoned NLRB Case Data”

  1. Clown #2

    My initial thought was that DOGE was conducting penetration testing using a VPN or Tor routed through a Russian IP address. However, it turns out this IP is actually associated with a mobile device – likely a cellphone or a modem…

    Reply
    1. Anon

      What authorization does DOGE have to do penetration testing? You can’t just go and do that…

      Reply
  2. Moike

    The multiple login attempts from a Russian IP sounds too amateurish to believe. If 1 or 2 login attempts fail, wouldn’t they immediately drop to a US proxy or VPN? Or just use a US proxy/VPN from the first login?

    Reply
      1. Moike

        Or DOGE forgot to turn off their Russian VPN they were using before logging in.

        Reply
    1. mealy

      The credentials had just been created within 15 minutes or so. A small group obtains those hot JIT credentials and tries to login a few times each? Assuming they have centralized operation infrastructure w/ distributed access. Maybe it gave some obscure error code and they were trying different setups? I wouldn’t say that’s the least believable part, it’s all pretty unbelievable isn’t it?

      Reply
    2. nemo

      But absolutely everything DOGE does sounds too amateurish to believe. That’s why I have no doubt it’s them. (Also it was clear years before: this government would sell every single American asset to Russia for an apple.)

      Reply
    3. Jimmy

      How do you know they didn’t use a VPN? The same day they figured out the report was to be published, 3 top people at NSA were fired. It sounds like they contacted the NSA and they tracked it. That would be classified information and not released publicly. Why was he threatened multiple times not to release the report? Why would they worry if it was not true? He signed a sworn affidavit and it is a felony to do what he did and lie. But you think it is made up makes sense. They lied about DOGE being granted access. They said they were never given access but subsequently the White House confirmed they were given access to the systems. Someone is lying. Either Trump’s people at the NLRB or the White House. Either way they are lying about what happened. But your simplistic explanation is supposed to refute it. It’s nonsense.

      Reply
      1. mealy

        Well he didn’t say it “didn’t happen” but that it was “unbelievable” which is subtly different.

        Reply
        1. Alex Mitchell

          That’s an excellent distinction.

          I’m more likely to believe “unbelievable” than “didn’t happen”.

          Even on my least sensitive systems, I go out of my way to make sure that everything requiring any kind of privileges is logged.

          Reply
          1. mealy

            Anytime you’re deliberately turning off logging by intention, you have ‘a reason’ to be doing that. They could have used the read-only access with logging, they decided that wasn’t enough – why? What were they possibly even doing that required anything more than read-only access with logging, which auditors already had set up ready to go? There’s the crux – and it shows intent up front. Congress needs to haul every single one of these goons in to explain themselves under Oath. Same with Foxchad Hegseth and his family/friends who are ‘too gud’ for National Security Information Policies.

            I mean, IF we had a Congress, we should be doing that. What we have instead right now, I’ll refrain from characterizing.

            Reply
    4. Wtf

      It doesn’t sound like a tech savvy person was the one logging in if they were provided with the login info. So they may not have known to do any of that.

      Reply
  3. mealy

    Thank God for whistleblowers and thank journalists for covering it.

    Reply
      1. Fr00tL00ps

        … says the spineless prolapse who has nothing intelligent to add to the conversation. Wasn’t your mom warned against using thalidomide?

        Reply
        1. Jerome Wardlaw

          It might work better to try to make a rational argument than just to sling insults. Slinging insults like that is far from a sign of intelligence.

          Reply
          1. mealy

            Why don’t you read what he’s replying to first then? Oh right, you’re unserious.

            Reply
            1. Jerome Wardlaw

              Read his posts. He has made post after post after post and every one of them is nothing more than slinging insults.

              It doesn’t matter what side he is on, if that’s the best he can do, then his words are of no value.

              Reply
              1. Fr00tL00ps

                Listen up Sunshine, because you are obviously a newcomer flailing around these halls of enlightenment like a pork chop, I’ll give it to you straight.

                Since the Orange Nonce, Felon and Rapist in Chief took office, this website has been inundated with vitriol the likes we have never seen here, EVER. Engaging in good faith sound debate, with disingenuous near illiterate sycophants with ill intent … DOES NOT WORK.

                As regulars here are fully aware, I am NOT a US citizen and don’t give 2 sh*ts about your bipartisan politics. I’m only interested in FACTS and the TRUTH and will call out disingenuous bullsh*t any time I see it.

                If you start with the bile, I WILL be your nightmare. If not, carry on and I will not engage. Simple.

                Reply
                1. Jerome Wardlaw

                  “Fr00tL00ps”

                  That says it all.

                  If you were interested in facts and truth, then you might actually have something worth saying.

                  Reply
                  1. Fr00tL00ps

                    ‘then you might actually have something worth saying’

                    Worth what? And to whom? To YOU? or the regular audience? Don’t make me laugh! Who are you to be the judge of worth ? 🙂 If YOU had any genuine desire to hear me say something of worth, to YOU, you could have looked up the last few years of my input on this site, indulged me with YOUR opinions and walked away scot free, but YOU didn’t.

                    This leads me to only one conclusion; you are just another simpleton, cosplaying as concern troll, attempting to undermine the discourse of this website with your pathetic bad faith whining and sealioning, who deserves nothing but contempt.

                    You can go and play in traffic for all I care.

                    Reply
              2. mealy

                Surely you noticed you’re responding to responses, but _not_ to the OP trolling?

                I think we can all agree that responding to trolling has very limited “value” in terms of “rational argument” exchange, yet that’s not the sigma of his posts but a subset. They have many on-point posts as well, but with the DOGE scandals and increasingly unavoidable political connections to these discussions the 1-off troll army has become emboldened of late. (I do wonder why BK has the power of moderation if not to use it for that purpose, but I digress, not my blog) Ultimately the choice is either to ignore the trolls entirely and let the detritus pile up unopposed, (which may encourage more? who knows) or mow that lawn with prejudice. Either way if you take issue with FL’s responses I think you have a similar issue with what he’s responding to. That’s not all he has to say, though.

                Reply
  4. Bobe

    Musk is far more corrupt than I thought! DODGE is far more suspicious and crooked, especially under Musk. Then there is the Russian connection. What is that all about? I fear what is coming.

    Reply
    1. Conrad Jenkins

      They want to rewrite millions of lines of code used by the Social Security Administration. If you wanted to siphon off billions of dollars yearly from Social Security, that would be the way to go.

      Reply
      1. Fr00tL00ps

        … you’re so awowowoke your eyelids folded back, engulfed your whole corpse and turned you into a walking sphincter. You’re past seeking help.

        Reply
  5. gk

    This is just evil, and stupid. Forget firewalls and IPSs, they can just be circumvented by the lackey of a billionaire in a black SUV. Next time, physical security should just shoot.

    Reply
  6. Billy Jack Morgan

    I cannot imagine any legitimate reason to create accounts with logging disabled. Why would that capability even exist?

    Reply
  7. Dennis

    It would probably be the top news in a normal administration. With this one, it would barely make the headlines. The problem with the U.S. system is that there’s absolutely nothing that we can do now since the congress is just looking the other way and the executive branch is the Russian asset.

    This would either be the birth of the United States of Fascist America, or the end of the republican party, that after this election will never be able to elect another candidate. We shall see.

    Reply
    1. Ruben Lawson

      “the end of the republican party, that after this election will never be able to elect another candidate. ”

      That’s what I worry about. I’ve been a Republican since the mid 1970s when I started voting. That said, I have never trusted Trump and have never voted for him. Just because he imagines himself to be a Conservative does not mean that he is a Conservative. He is really a radical who wants only to tear down society.

      Reply
    2. Judge Doe

      Won’t be the end. Stories like this will not make the headlines or capture the public’s attention in any meaningful way. Instead it’ll be buried under some minor noise that the public either cannot understand or meaningless in grand scheme of things.

      Prepare for GOP 2.0 next time around as they attempt to follow up these corrupt plans as outlined by this administration.

      Reply
  8. bhoney

    So…Russia is involved because they ran…a docker container?

    Reply
    1. mealy

      Reading is involved. If you can’t read, raise your hand and a teacher will come around to help.

      Reply
    1. Seth

      Another spineless lackey. The sad part is, even if we do get past this regime people like you get to carry on like nothing happened.

      Reply
    2. George

      “…quoting NPR doesn’t help the case as they are hardly an unbiased source.” Now, that is an understatement if there ever was one.

      Reply
    3. mealy

      DOGE is also saying they’re both in control of cuts and not in control of cuts… that Leon is in charge and also not.

      You believe what they say without checking into it? Then you’re exactly the sort of voter they’re looking for.

      Reply
    4. DM

      The sworn testimony states that staff were told it was DOGE. DOGE was covering its tracks, so of course it would publicly deny the activities. “quoting NPR doesn’t help the case as they are hardly an unbiased source,” but don’t you think DOGE is more biased? What would be The Whistleblower’s motive in reporting this? Even if he’s politically opposed to DOGE, do you believe this story is fabricated in an attempt to smear DOGE? I’m curious as to your theory about what’s really going on.

      “During the week of Feb 24-28, 2025, Richard Troutman, my direct supervisor, the Assistant Chief Information Officer (“ACIO”), called and told my team that Prem Aburvasamy, the Chief Information Officer (“CIO”), wanted “bodies in chairs” in the office (ie. employees physically in the office) because members of a DOGE team were arriving the following week. We were also informed that in anticipation of their visit, DOGE engineers wanted to know what software, hardware, programming languages, and applications NLRB was using.”

      Reply
  9. bob

    These DOGE invasions are unrecoverable. We are literally watching the end of America as we know it.

    Reply
  10. TheRightIsWrong

    DOGE destroying the government and Tesla getting super-contracts. Just wrap it all up and throw it away at this point.

    Reply
  11. levensen

    I wish to God that Anonymous would get on the job of hacking the Doge idiots and all of Musk’s businesses. They’ve destroyed the US State Dept., the EPA, and will probably destroy the Social Security system using Musk’s half-*ssed AI, Grok. The only thing that will stop the Trumpists is technology, not some sad little demonstrations w/ppl holding signs fgs! If I had the skills I’d do it myself!

    Reply
    1. Anonymoose

      yeth… anonymuth is vewy vewy powerful… we do nawt fowgive… we do not fowget… expect us…

      Reply
  12. Woke Virus

    YOU CAN GET THESE TYPES OF SIGNINS ON ANY FKING ACCOUNT IN O365, these are typical botnet attempts they can show up from any country. AND DO NOTHING IF YOU HAVE MFA. But you really proved that you’re some dumb sH***t mf and you call yourself cyber security expert.. you’re fking propaganda spreading leftist woke mf.

    Reply
      1. Fr00tL00ps

        You know, I once had a horse called ‘Trigger’ and this is quite ironic because ‘mR wOkE vIrUs’ is definitely triggered, so I would prescribe him a good dose of horse juice so he does not swallow his tongue in a fit of rage, which would be quite tragic if he did. Not. 😉

        Reply
    1. Kevin

      How does a botnet get the correct password for a brand new account? That’s an incident in its own right.

      Reply
      1. mealy

        That’s exactly the point. The credentials were brand new and valid. That part is EVERYTHING.

        Reply
    2. mealy

      The credentials were 15 minutes old. Valid credentials newly created for DOGE, not a brute force.

      I know the dept of Education has been gutted but that doesn’t mean you just give up on having a functional mind. You need to read, let the words bounce around in your tiny skull, process them, THEN spout irrational knee-jerk nonsense, ok?

      Reply
      1. Fr00tL00ps

        What’s the deal here mealy? I’m gone 48 hours and somebody let the stupidity meter overflow.
        Keep at it my man. Someone has to protect the feeble from themselves.

        Reply
        1. mealy

          We’re all victims one way or another, the choice being do you go along with it for perceived benefit.. or not.

          Semper fi.

          Reply
    3. Non Maga Cultist

      There is that maga intellectualism the world has come to expect.

      There is nothing more ironic in this current world than a maga calling someone else a liar or even better – stupid.

      Classless, clueless cucks – that’s maga encapsulated.

      Reply
  13. KerbsOnFUD

    Kerbs and the whistleblower are framing this as a sophisticated nation-state attack leveraging DOGE to exploit the NLRB. But that doesn’t add up. Nation-state actors don’t blow their cover because they proxy with clean IPs from within the target country. The IP address in question (83.149.30[.]186) has had a bad reputation in open-source intelligence for over a year, linked to credential stuffing and scanning activity. Using an IP like that in a high-level operation is like flying a spy plane into enemy airspace with inflatable tube men and disco balls strapped to the wings. Attacks of this complexity require significant time and resources—no serious actor would risk burning their investment by using an IP already flagged and based in Russia. What is more likely- the DOGE employee’s creds were leaked, he’s reusing passwords, or using a weak password and they got password sprayed.

    CISA and US-CERT are not a bunch of scrubs. If their official statement is that it’s not a security incident then I trust them.

    Reply
    1. vbb

      I see no official statement from CISA and/or US-CERT that it’s not a security incident. Where are you reading that or did you just make it up?

      Reply
      1. KerbsOnFUD

        “instructions had come down to drop the US-CERT reporting and investigation and we were directed not to move forward or create an official report.” That means it was not an incident, read between the lines dude. Also google the guy’s name you’ll find articles stating National Labor Relations Board saying it wasn’t an incident.

        Reply
        1. BrianKrebs Post author

          Ah, so because the higher-ups at NLRB denied everything, it never happened? Newsflash: You can always find “articles” offering almost any kind of take on any big story, but a lot of those publications offer conclusions without supporting them with facts. And if you’re asking AI to tell you the truth, their LLM crawlers are getting fed a ton of real fake news to create a ton of “stories” that offer unsubstantiated explanations but which are not made for human consumption.

          Reply
          1. George

            I will wait for more information. There are a ton of false narratives being pushed to try and discredit any meaningful and necessary reduction in fraud, waste, and abuse in the government. As an example of the kind of thing taking place, there was a widespread story being pushed recently that an American citizen was wrongly being held by immigration officials for ten days. As it turned out, the likes of NPR and other Leftists media didn’t have the real story. On its face, this seemed like a pretty big flub by federal officials. After all, no one should want a government that can mistakenly arrest you and hold you for ten days without any evidence that you’re an illegal alien. There’s just one problem, though. Hermosillo not only told immigration officials he crossed the border illegally, but he also signed a statement swearing that as well. So, just take a seat and stop gaslighting us about “the world coming to an end”.

            Reply
            1. mealy

              Are you okay? There are dozens and dozens of reported incidents of American citizens being arrested and held for days on suspicion of being in the country illegally despite having all their paperwork. I’m sure these facts must bother you because you’re such a defender of the Constitution and human rights generally, right George?

              nbcnews.com/news/latino/us-born-citizen-detained-ice-immigration-florida-rcna201800

              “A U.S.-born American citizen was being detained at the request of immigration authorities Thursday despite an advocate showing his U.S. birth certificate in court and a county judge finding no reason for him to be considered an “illegal alien” who illegally entered Florida.”

              That’s a single example. I’m sure you can twist in the wind and try to weasel out of reading it, but give it a shot first before you hand-wave and pretend none of this is actually happening, ostrich style. Be a man.

              Reply
            2. mealy

              Take a seat and read something George. Chrissake, you’re doing what you accuse Krebs of in reverse.

              Read it. Find something to say that’s factual. Hand-waving and pretending this is made up is pure FUD.

              Reply
    2. PeerlessMonkey

      If I am reading things right, so far Krebs has only pointed out the facts: what everyone has said.
      I am looking forward to him maybe shedding light on details that support or deny the allegations.

      Reply
    3. Zviratko

      But that looks even worse, looks like it was not a targeted and highly sophisticated attack, but just a credential stealer on one of the DOGE devices.
      … also those alerts were just the unsuccessful logins, it might be amateurish to try signing in from Russia, but who knows if they signed in later via a US VPN?
      But my guess is whoever stole those credentials had no idea what they were for as most tenants will just let you login from anywhere.

      Reply
  14. ChingChangChongHaxxor

    Must have been a chinese hacker using a russian vpn… many such cases

    Reply
  15. j.murray

    nice how you framed a docker container, a ubiquitous tool for this kind of work for at least the last 10 years, as super super scary.

    Krebs, the tech-bro who cried wolf.

    Reply
    1. mealy

      Did you even read it? The agency in question didn’t use the containers, that’s why it stood out as odd.

      Maybe some remedial reading courses are in order. Krebs didn’t invent that.

      Reply
  16. PeerlessMonkey

    From NPR article
    “The whistleblower’s account is corroborated by internal documentation and was reviewed by 11 technical experts across other government agencies and the private sector.”

    Hopefully we can get a bit more of these details.

    Reply
  17. Ray Tracy

    It’s an indicator of how much actual, credible information Brian is presenting that it’s drawing this many MAGA/MUSK lackeys to ‘dispute’ it.

    Reply
  18. Steve

    I don’t know how you don’t lose your mind writing these Brian. The moment my eyes hit the comment section I lose all hope in humanity.

    Reply
    1. Sinnombre

      Thank you, Steve. Same here. It’s like almost any other forum these days. The first couple of comments are generally sensible and relate to the post, but the further down you go, the more rabid and foam spewing appears. Anonymity does strange things to people.

      Reply
  19. Chris

    If someone who actually works there and in that role puts their career on the line, as well as resisting physical intimidation to call out apparent criminally negligent if not complicit misdeeds – ones which not only beggar belief from a security perspective but have resulted in unprecedented loss of inherently curated and sensitive information of workers and companies on a scale that also breaks records… Hopefully US-CERT and CISA and the intelligence agencies & allies (whatever is left of all of the above) have exercised all the overrides and containment capabilities that remain to stop the exfiltration and preserve what accountability and audit trails remain or exist on backups.

    All the questions and politics need to come after the containment and evidentiary work is complete and resilient.

    Reply
  20. SkunkWerks

    The incompetence or “amateurishness” of fascist regimes isn’t a bug.

    It’s a feature.

    Reply
  21. John vicky

    Delta Executor is one of the most popular Roblox exploits on the internet for all Roblox enthusiasts. Irrespective of whether you wish to download it on Android, iOS, and Windows. delta-executor.com

    Reply
  22. j.murray

    from npr on 4/16

    “Tim Bearese, the NLRB’s acting press secretary, said the agency conducted an investigation after Berulis raised his concerns, but determined that no breach of agency systems occurred.”

    Reply
    1. DM

      “Breach” meaning a malicious threat actor such as Russia accessed the systems and exfiltrated data. Malicious threat actors stealing the data is a red herring. The real issue is DOGE accessing systems that store sensitive data with standard security controls disabled, transferring sensitive data to an unknown location with unknown data protection for unknown purposes.

      Reply
    2. PeerlessMonkey

      He also “denied that the agency granted DOGE access to its systems”
      So somebody is not telling the truth.

      Reply
      1. mealy

        Aha! Welp, off to the police station to file a report. Oh they closed it? DOGE cuts? Oh.

        Reply
  23. Jason Alexander

    If you actually read Berulis’s statement in the pdf at the bottom of the article, you can see the amount of work the man has put into making the department a lot more secure. It’s amazing to me that it was as bad as it was before he got there. That being said, the fact that this man had the guts to bring this up and to begin blocking data is exactly what a security professional should be doing. It goes against all security protocols to leave gates wide open without asking questions. This is not normal and should not be. One would not expect to walk into an air force base and be granted access to fly the planes. To expect and to be okay with the fact that people who have no business being in this data is beyond ridiculous. As a security professional, I see Berulis as a shining example of what to do. Regardless of whether you think the NLRB is wrong or not, the fact of the matter is you don’t just go exfiltrating data and expect it to be okay. Bravo to Berulis.

    Reply
