Whistleblower claims ex-DOGE member says he took Social Security data to new job

Exactly. By repeatedly saying "the definition is exactly what the EO said," he’s essentially deflecting responsibility and shifting the accountability upstream.

Its almost like the worst people among us have discovered that in high-trust societies if you have no morals you can engage in any behavior you wish.

> I'll be down voted into oblivion, but no one will actually present a coherent a counter argument

Is there a term for this Jehovah’s Witness complex where being ignored is taken as a sign of one’s faith?

DOGE was headhunting me late July through end of December.

Their recruiters are all anonymous when they reach out as they do not provide their names. I constantly questioned to myself and them directly if they were legit even if their email address showed as RecruitingUSDS@doge.eop.gov (their public email address seen on USDS). The first recruiter I demanded a video call with and asked him to bob and weave his head (lol). He never gave me his last name (all his emails came from that public address and they signed their emails with first name only) but I found him on Linkedin. He was late 20s to late 30s. From there I was asked to do/turned in a case study and after the govt shutdown I was invited to interview with a DOGE employee whom then her email showed her full name. I didnt make it past her as there was another step in their process which is an in person interview at USDS's office or within another govt agency DOGE working at.

[dead]

Something DOGE relied on when publicizing all those 300 year old people claiming benefits.

Who turned out not to exist.

Or when they put loshed that website full of their savings.

Which turned out not to exist.

Not like the current admin and AI companies are helping with that at all. Also, anyone in that department has brought great harm to the entire country and their employment should be public knowledge.

There are two stories here. One is the alleged wrongdoing. The second is the fact that the Washington Post has a name of a former DOGE employee. I'm far more interested in the second story than the first.

Every DOGE member is complicit, and every single name should be published. They knew what they were getting into.

Oh wow! I hadn't seen that. That's really great! All of them should be listed there, and should have been public all along.

We no longer live in a civilized society

But we are in the USA, where the majority of convicted criminals were never proven guilty because the system relies on coercing them into not going to trial.

Say who? Literally the entire news media loves airing trials before they're proven innocent or guilty.

Someone should tell that to the people who publish the gas station mugshot magazines.

This admin has no problems doxxing people for harassment, listing their personal home address on official social media posts: https://x.com/dhsgov/status/1912567112733753563?s=46. So why the double standard?

If I recall, that was exactly what happened early on in DOGE's tenure. Senior personnel were explicitly directed to grant admin access to DOGE personnel, and auditing/logging were disabled. This was widely reported at the time. I don't remember whether there were threats of termination, but it would not surprise me.

Contemporaneous reporting was that DOGE people demanded root-level access across multiple systems (disallowed by federal policy, so political appointees had to demand the access) and without background checks or onboarding, after which they extracted protected data and shoved it in some S3 buckets. Just blew a hole right through the entire federal data protection model; you can't plan for "the President orders everyone to ignore all privacy and security controls" as a threat model.

Maybe it wasn't trivial?

Nothing nerve wrecking like that but come on. They claim "the information could not have been stolen because the security practices" but "evidence has been published online, is now available to anyone and therefore it is dangerous" is a clown situation. It doesn't matter how it happened, it happened. Them trying to dispute the method is a clown camp.

An intranet could be a secure environment walled off from the internet

Hard disagree. How can it be “walled off” from the internet if it’s not connected? Despite the jokes, cutting access on its own is not the same as air gapping or a firewall. As soon as it’s plugged in there are zero controls.

Technically they could claim it’s a backup

Don't know why this is getting downvoted, it's well known that DOGE had goons to forcibly remove people that stood in their way.

Usually the opposition party, once it gains power.

The pen is mightier than the sword if the sword is very short, and the pen is very sharp.

- Terry Pratchett

Many of us would like you to be right about that.

However, the people of the USA voted for Trump. Twice.

I fear things have changed and Trump'ism is here to stay.

I would have LOVED to have a Polymarket bet when Biden said he will NOT Pardon his son.

I wonder how anomalous this presidency really is. Trump is not the first strong man bullheaded president who engaged in cronyism and systemic corruption. Most people don’t know the history of presidents though especially from centuries past. Maybe this broken state of the office we observe today has always been a viable option for people who payed attention enough to see it and are also evil enough to use it. Maybe this power has been specifically maintained intentionally for some time. Like a big open secret for those tasked with approving laws.

I agree. I'm not trying to point out the hypocrisy, it is obvious to anyone watching. I am more interested in testing the limits of how people will justify actions to themselves and others. It is fascinating to see the twisting happen in real time.

It's a pretty easy argument. You have Biden's admin presiding over the largest cybersecurity failure in U.S. history resulting in China stealing data on millions of Americans including both campaigns [1] versus an isolated lone actor stealing much less data.

Allowing China god mode access to U.S. telecommunications infrastructure versus one guy with a USB stick.

Biden's senior FBI officials and National Security Advisers admitted they didn't even have the logs to determine when or how they were breached, and the hack was via law enforcement portals.

Breathtaking incompetence. The 2024 election was completely compromised due to this security lapse, as both campaigns were wiretapped.

[1] https://www.pbs.org/newshour/show/chinese-hackers-have-infil...

Anyone know where I can buy/borrow an ebook version of "Anti-Semite and Jew: An Exploration of the Etiology of Hate"? Can't find it anywhere.

Given his track record of raising ever more money on idealistic claims only to deliver less and less... I think he delivered exactly as expected

Your friend is a prick

> A young programmer asked if he should go work for DOGE, or whether it would end in disaster. I told him that it would at least be interesting, and that if he was worried it would end in disaster, that was all the more reason to take the job. Maybe he could help prevent that.

https://xcancel.com/paulg/status/1888555241055948981

I guess this aged like Windows Me

Americans love their conmen.

What does he say now?

Given his track record, spending should be at four trillion now, right?

Musk's goal was never to reduce government spending or waste. It was to get unrestrained access to government spending data to serve his own goals.

It's a conspiracy theory - I don't have any real evidence to support it, but I tend to believe it.

I'd switch friends.

The Trump administration is 100% responsible for setting up the conditions where this kind of breach is effectively inevitable. They created "DOGE", staffed it with (among other specimens) teenage hackers with established records of malfeasance and names like "Big Balls"---presumably without any serious attempt at checking backgrounds and/or responding appropriately to any findings---and (by many accounts I've seen) granted them the authority to demand root level access to government systems without auditable logging or any other record of their actions. There appears to have been effectively zero oversight within "DOGE" itself, and the organization evidently failed to accomplish its stated goals by an enormous margin. AFAIK The Trump administration never publicly acknowledged any of this or took any visible steps to investigate the allegations.

If I was aware of any remotely comparable precedent in any recent administration, I would certainly criticize them for it. But the "DOGE" episode was so far beyond the pale that I can't think of anything else like it.

That person's actions were only possible because the administration explicitly decided to put that much unchecked power into poorly vetted individuals.

> the best attack that someone could make on the Trump administration.

It doesn't need to be, nor should we measure things against eachother by their ability to be used as an attack. We should measure this on it's own, based on what has happened.

In this case, an agency created by the President's Executive Order, that reports directly to the President made significant personnel and security access changes. There have been many security issues coming from that new personnel and department. If this doesn't fall on the administration, what does?

SO you're not defending the administration, you're just attacking everyone who does attack it. Nice.

If you enable reckless behavior, you are even hyping it I believe you are responsible for this behavior too.

I fail to understand how a random "special government employee" dumping sensitive government data into a flashdrive and trying to share it with private corporate is not a big deal?

Sounds like you suffer from the opposite of Elon Derangement Syndrome, where he can do no wrong even when the evedience points otherwise.

The public do forget (even egregious) things. I usually find that unfortunate, rather than the reverse, and tend to distrust those who count on public amnesia to obfuscate what they do. That's not a partisan, or even political - lots of corporations operate in the same manner - point, but I think it's a pretty good heuristic for sussing out who's being dodgy and who isn't.

> This is a nation built on egg-breaking.

Is too capacious. The USA is a nation based on "these truths [that] are self-evident", and (as the federal oath puts it) protecting and defending the Constitution.

That's not to say that egg-breaking can't be great, but it a) isn't usually to be commended for its own sake, but rather when it's to some specific and important purpose, and b) the "eggs" broken are not those in the preceding paragraph.

> In due time, this one will fall out of your mental stack, too.

I bet you said the same thing a year ago when people were warning about exactly this scenario.

>> In due time, this one will fall out of your mental stack, too.

Unless you get stack overflow first!

Damn, hoss, I wish this shit would just fall out of my stack.

Instead, I have a steady and ever-growing list of real and vicious shit that the US has done, going back to its formation.

You can pretend that everyone is just outraged because of some flavor of the month. You can pretend you're okay with breaking eggs because you don't think they are your eggs.

But at the end of the day some of us really don't like this stuff because we pay attention and have a memory- if you don't, then that's something you should work on.

Gotta break a few eggs to, uh, make things worse with no definable purpose.

I didn't treat it as anything. It really doesn't even need to be proven as fact. The actual thing people were warning about was untrained and unqualified people having access to this data in the first place. I can't find a statement denying that this employee had that level of access.

If those people weren't granted unprecedented access to our data, there would be no whistle to blow. You can wait for the "investigation" to play out, the rest can see that obvious risks were ignored to benefit someone.

This coming from the same group of morons crying election fraud without an ounce of proof is amazing.

I suppose the data just ended up in their hands at no fault of their own, through complete random happenstance, unrelated to their previous employment with DOGE?

You're right. This administration has done nothing but sit on it's laurels the past 2 years.

I think given the performance of DOGE, the wars, the executive orders, the epstein files, we can make a SMALL logical stretch here and assume, FOR THE MOMENT, that this happened.

You can of course discuss whether a thing is good or bad, even before it has been proven a fact. As an example, you could discuss whether it would be good or bad if it turned out that Trump fucked a minor in the presence of Epstein. Doesn't have to be proved first. You can still discuss whether it's good or bad. You could even discuss things that are totally hypothetical: if we colonize the moon, should we make murder legal or illegal on the moon? We can answer that question even if it hasn't happened yet.

He is talking about explanation of potential situation. He never said it is proven fact.

Well, there was the previous whistleblower complaint that members of DOGE accessed and shared sensitive Social Security data without the awareness of agency officials, which the government denied...until this January when they were forced to admit in a court filing that it was true. [https://archive.is/efY6S]

That is to say, there is no reason to extend this administration or anything DOGE-related the benefit of the doubt.

What's good for the goose is good for the gander. I think it's fine for citizens to hold administrations up to their own standards.

Now, your turn to answer the question.

Maybe because the constant lying of the U.S. administration means that any kind of whistle-blowing should be treated as fact, especially when there's likely to be significant risks to the whistleblower. It seems very likely to be true.

Also meta or any other data broker.

Maybe not under the current administration, but that's the kind of risk that could kill your company, if you got caught. It might be why I'm not rich, but that seems like a massively irresponsible risk to take.

Nobody in Ad Tech is going to risk jailtime for a slightly higher CPM.

If this goes within the Ad Tech industry and knowing how Ad tech industry is, I don't feel quite surprised if we might see foreign adversarial nation buying the Social Security data from Ad tech/ (this Doge person in general either directly or through multiple layers) even in secretive manner at this point.

Either way this data is definitely going to spread behind closed doors.

Then do state or local charges.

That doesn't mean don't file them. Don't allow evil deeds to be done merely by threat - force immoral people to take the immoral action in public if they want to behave that way.

Distract from crimes of those currently in favor?

Removal of their personal freedom for months, years, or decades.

Did this joker take things from a computer that they weren't supposed to while in a state that has laws against that sort of thing? If so, have a local prosecutor build up a case, and arrest and charge them.

The Supremacy Clause should be tested in this way.

I think it’s a great reaction to news stories to imagine how you could have made the same bad decisions. Furthermore this public confession of being able to imagine making bad decisions might encourage a similarly minded to 20-something to wonder why an older version of themself is so afraid of even having such a dataset. It might even prompt someone to destroy some long forgotten cache of data they exfiltrated a long time ago.

I don’t think there’s a risk that it will influence a rare person in power to enforce the rules to go lighter. I just think it encourages people to be less reckless with hoarding data who might otherwise put themselves in danger.

yeah. ignorantia juris non excusat applies to both the speed limit and passive data theft

> "Martin reportedly stole the information simply by walking out of his various secure workplaces with it in his possession"

"secure" eh?

Check out FreeOTP if you want an alternative to Google Autheticator.

> But I think there is a different attitude to data risk in that age group today. They've grown up in a world where very little is really private, and every app and its dog has wanted their contact details and other information

Counterpoint from a UK/EU perspective.....

Anybody new being onboarded is given (company compulsory) GDPR training if their role involves any handling or processing of personal data whatsoever. Data security and privacy is being treated quite seriously here; though unfortunately not seriously enough IMO.

I don't think I would have offered to sell it or accepted an offer to buy it, but I think I could have easily been talked into sharing it, in a "I think my boss is a cool guy and I want him to like me and/or impress him" situation.

I'm not doing anything wrong! It's not like I'm selling it! I'm just showing off the cool data no one else has! I'm saving the day, probably, by letting us solve a problem with my cool data that would be impossible otherwise.

I'm pretty sure you can adjust the logic from "no one else" to "very very very few" and the logic just works the same...

I mean, insider risk is insider risk.

In the DOGE case, they specifically broke all the controls that existed to manage insider risk and keep people from making copies like this, but (especially 20-30 years ago) I've been on plenty of networks that just had no concept of insider risk and everything was just open for anyone to access (or protected by shared passwords everyone knew).

> have no reason to believe there's not at least some exfiltration

Is it genuinely your opinion that that activity (just look at all the equivocation!) constitutes a risk at the same level as alleged by the linked article?

This is exactly what I'm talking about. HN has a tunnel vision disease on this subject. "Yes yes, DOGE bros stole the SSA database, but let's please talk about how awful Google is." It's clinical at this point.