Leaks, Threats, and Ghost Accounts: A Programmer Accuses the DOGE Group of Cyberespionage in U.S. Federal Agency

Daniel Berulis, a cybersecurity expert from the U.S. government, is raising the alarm over an alleged covert cyberattack linked to the DOGE group, with troubling connections to Russia.

A federal IT specialist has sounded the alarm about a potentially unprecedented cybersecurity scandal in the U.S. Daniel Berulis, a DevSecOps architect at the National Labor Relations Board (NLRB), has sworn that members of the controversial DOGE group — connected to entrepreneur Elon Musk — allegedly caused a security breach that exposed sensitive government data to foreign actors, including access attempts from Russia just minutes after the creation of new administrative accounts.

According to Berulis, the DOGE group obtained unprecedented privileges over NLRB systems, with full access to read, copy, or modify data, surpassing even the permissions of the agency’s own CIO. “We were ordered not to document anything and to facilitate their access. They literally told us not to get in their way,” the whistleblower stated.

Real-time access attempts from Russia

The complaint, supported by the organization Whistleblower Aid, includes evidence that users with Russian IP addresses attempted to access the accounts newly created by DOGE. Although the attempts were blocked by internal geographic restriction policies, the attackers possessed valid credentials, suggesting an immediate leak.

Additionally, Berulis describes a data exfiltration of about 10 GB from the agency’s servers, the disabling of key security controls such as multi-factor authentication, and unauthorized alterations in access policies that favored the covert movement of data outside the government perimeter.

Personal threats

The case took a disturbing turn when, days before formalizing his statement, Berulis received a direct threat at his home: an intimidating note accompanied by drone photographs taken while he was walking in his neighborhood. “The message explicitly referred to the complaint he was preparing. It was a calculated act of intimidation,” said Andrew Bakaj, lead attorney for Whistleblower Aid.

The NLRB denies it, but Congress demands answers

The National Labor Relations Board has publicly denied any security breach, asserting that access was not granted to DOGE and that no incidents have been detected. However, Democratic Congressman Gerry Connolly has called for an immediate investigation by the inspectors general of the NLRB and the Department of Labor, citing a potential “flagrant conflict of interest” due to investigations into Elon Musk’s companies by both agencies.

DOGE, an acronym for the Government Efficiency Department initiated during the previous Trump administration and informally led by Musk, has been under scrutiny for its privileged access to government systems. One ongoing lawsuit describes it as “the largest data breach in U.S. history.”

A new digital Watergate

If the facts reported by Berulis are confirmed, the incident could represent a turning point in the relationship between private actors and the management of government digital infrastructure. Suspicions of espionage, destruction of evidence, and threats against public employees create a scenario straight out of a spy novel, but with real consequences for national security.

“This is not just a case of poor administrative practice. It is a possible act of deliberate infiltration, with repercussions that could reach the highest levels of federal power,” concluded Bakaj.

In the meantime, the tech and political communities are watching with concern a case that could reshape the boundaries of public-private cooperation in critical information systems in the U.S.

Source: Ars Technica