{"id":58510,"date":"2025-04-17T02:46:12","date_gmt":"2025-04-17T02:46:12","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/"},"modified":"2025-04-17T02:46:12","modified_gmt":"2025-04-17T02:46:12","slug":"whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/","title":{"rendered":"Whistleblower describes DOGE IT dept rampage at America&#8217;s labor watchdog"},"content":{"rendered":"<p>Democratic lawmakers are calling for an investigation after a tech staffer at the US National Labor Relations Board (NLRB) blew the whistle on the cost-trimming DOGE&#8217;s activities at the employment watchdog \u2013 which the staffer claims included being granted superuser status in contravention of standard operating procedures, exfiltrating data, and seemingly leaking credentials to someone with a Russian IP address.<\/p>\n<p>The claims above were made by Dan Berulis, an NLRB DevSecOps architect and client of nonprofit Whistleblower Aid, in a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/whistlebloweraid.org\/wp-content\/uploads\/2025\/04\/2025_0414_Berulis-Disclosure-HELP-and-Oversight-with-Exhibits.pdf\">disclosure document<\/a> [PDF] to Congress that details his observations of what apparently happened when DOGE arrived at the labor watchdog.<\/p>\n<p>According to Berulis&#8217; disclosure, <a target=\"_blank\" href=\"https:\/\/search.theregister.com\/?q=DOGE\" rel=\"noopener\">DOGE<\/a> operatives arrived at the agency on March 3 in a black SUV that enjoyed a police escort. The same day, he claims, an agency assistant chief information officer (ACIO) told him that DOGE aides would be given accounts \u201cwith essentially unrestricted permission to read, copy, and alter data.\u201d Creation of such accounts was not standard operating procedure, but the ACIO said those rules must be ignored and the opening of the accounts was not to be logged.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Berulis\u2019s document points out that not even his CIO enjoyed the level of access given to DOGE unit operatives, and that the NLRB already had auditor accounts set up that provided enough privileges to check data without being able to edit, copy, or remove it. The &#8220;suggestion that they use these accounts instead was not open to discussion,&#8221; he wrote.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>&#8220;In the same conversation it was conveyed that we were to hand over any requested accounts, stay out of DOGE\u2019s way entirely, and assist them when they asked,&#8221; he recounted.<\/p>\n<p>Within days, Berulis says, he began to notice worrying signs, such as alerting and monitoring tools being switched off and changes to multi-factor authentication.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>He also observed \u201cgigabytes\u201d of data \u201cexiting\u201d a case management application called NxGen over the network, and claimed he later saw 10 GB of data exfiltrated from the agency. He described that latter exfiltration as a \u201csimilar spike\u201d to the movement of data from the application and feels whatever happened was noteworthy as NLRB almost never moves information outside the org.<\/p>\n<p>&#8220;It is unclear which files were copied and removed, and I&#8217;ve tried multiple routes to prove this was not an exfiltration event but none have yielded fruit,\u201d he wrote.<\/p>\n<p>He talked to his CIO, who set up meetings and created an internal task force to examine the possibility of an insider threat. Those meetings are ongoing.<\/p>\n<h3 class=\"crosshead\">The Russian connection<\/h3>\n<p>On March 11, while examining logs, Berulis says he noticed a huge spike in outside login attempts being blocked &#8211; in particular one with an IP address that has the Primorskiy Krai region in Russia&#8217;s Far East listed as its location.<\/p>\n<p>The person was trying to log into an account that had been set up for one of the DOGE aides, Berulis claimed. The login attempts started within 15 minutes of the account being established, and used the correct username and password, he told Congress. The login attempts were blocked because the agency does not allow access to its systems from overseas.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Berulis tried to investigate the oddities he observed after DOGE arrived, and said he found &#8220;misconfigured or missing tools&#8221; made it impossible to analyze outgoing traffic.<\/p>\n<p>The NLRB team decided to contact the United States Computer Emergency Readiness Team (US-CERT), an outfit that works to investigate suspicious activity in government systems to safeguard security.<\/p>\n<p>&#8220;Between April 3-4, 2025, [assistant CIO] of security and I were informed that instructions had come down to drop the US-CERT reporting and investigation and we were directed not to move forward or create an official report,&#8221; Berulis\u2019s document recounts.<\/p>\n<p>At this point he decided to blow the whistle.<\/p>\n<h3 class=\"crosshead\">The denial twist<\/h3>\n<p>Before Berulis\u2019s whistleblower document was publicly shared, an NLRB spokesperson denied that DOGE had access to the agency&#8217;s network. After Berulis <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.npr.org\/2025\/04\/15\/nx-s1-5355896\/doge-nlrb-elon-musk-spacex-security\">went public<\/a>, the agency changed its tune and confirmed it did have DOGE workers in the house.<\/p>\n<p>Democratic lawmakers are now stomping their feet.<\/p>\n<p>&#8220;I write regarding developments that DOGE employees may be engaged in technological malfeasance and illegal activity at the National Labor Relations Board and the Department of Labor (DOL),&#8221; wrote House Representative Gerald Connolly (D-VA) in a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/oversightdemocrats.house.gov\/sites\/evo-subsites\/democrats-oversight.house.gov\/files\/evo-media-document\/2025-04-15.gec-to-dol-and-nlrb-ig-re-doge.pdf\">letter<\/a> [PDF] to the inspector generals of both agencies.<\/p>\n<p>&#8220;Individuals associated with DOGE have attempted to exfiltrate and alter data while also using high-level systems access to remove sensitive information\u2014quite possibly including corporate secrets and details of union activities. I also understand that these individuals have attempted to conceal their activities, obstruct oversight, and shield themselves from accountability.&#8221;<\/p>\n<p>Connolly also cites an obvious conflict of interest for SpaceX oligarch and Tesla tycoon Elon Musk who, while <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2025\/02\/26\/dhs_cisa_doge\/\" rel=\"noopener\">technically<\/a> not the head of DOGE, is certainly its overseer as President Trump&#8217;s eminence grease.<\/p>\n<p>&#8220;Mr Musk\u2019s companies face a series of enforcement actions from NLRB and DOL [the Department of Labor], creating an inherent conflict of interest for him to direct any work at either agency &#8211; let alone benefit from stolen nonpublic information,&#8221; the House Dem wrote.<\/p>\n<h3 class=\"crosshead\">Let&#8217;s talk about Elon<\/h3>\n<p>Musk has a history of conflicts with the labor agency.<\/p>\n<p>SpaceX and Tesla are involved in a legal attempt to eliminate the NLRB on the grounds that it&#8217;s allegedly unconstitutional. In the case of SpaceX, the agency gets in the way of Musk&#8217;s <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/01\/05\/spacex_nlrb_lawsuit\/\" rel=\"noopener\">desire<\/a> to fire staff who disagree with the noted <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/07\/12\/eu_officials_say_xs_paidfor\/\" rel=\"noopener\">fee-speech<\/a> advocate. So far, judges are <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/11\/18\/appeals_court_amazon_spacex_nlrb\/\" rel=\"noopener\">less than impressed<\/a> with such arguments.<\/p>\n<p>Tesla is also having words with the NLRB after the company <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2023\/02\/16\/tesla_fires_dozens_at_factory\/\" rel=\"noopener\">fired workers<\/a> at its Buffalo, New York, gigafactory in 2023, the day after they <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2023\/02\/15\/tesla_autopilot_workers_are_launching\/\" rel=\"noopener\">announced plans<\/a> to form a union. The NLRB also <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2021\/03\/26\/tesla_labor_law\/\" rel=\"noopener\">ruled against Tesla<\/a> in 2021 after the billionaire threatened staff with the loss of their stock options if they tried to unionize, as is their right.<\/p>\n<p>We&#8217;re sure Elon would never hold a grudge. He seems like such an easy-going chap. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2025\/04\/17\/whistleblower_nlrb_doge\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ignored infosec rules, exfiltrated data \u2026 then the mysterious login attempts from a Russian IP address began \u2013 claim Democratic lawmakers are calling for an investigation after a tech staffer at the US National Labor Relations Board (NLRB) blew the whistle on the cost-trimming DOGE&#8217;s activities at the employment watchdog \u2013 which the staffer claims included being granted superuser status in contravention of standard operating procedures, exfiltrating data, and seemingly leaking credentials to someone with a Russian IP address.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-58510","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Whistleblower describes DOGE IT dept rampage at America&#039;s labor watchdog 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Whistleblower describes DOGE IT dept rampage at America&#039;s labor watchdog 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2025-04-17T02:46:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Whistleblower describes DOGE IT dept rampage at America&#8217;s labor watchdog\",\"datePublished\":\"2025-04-17T02:46:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/\"},\"wordCount\":1004,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/\",\"name\":\"Whistleblower describes DOGE IT dept rampage at America's labor watchdog 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2025-04-17T02:46:12+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Whistleblower describes DOGE IT dept rampage at America&#8217;s labor watchdog\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Whistleblower describes DOGE IT dept rampage at America's labor watchdog 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/","og_locale":"en_US","og_type":"article","og_title":"Whistleblower describes DOGE IT dept rampage at America's labor watchdog 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2025-04-17T02:46:12+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Whistleblower describes DOGE IT dept rampage at America&#8217;s labor watchdog","datePublished":"2025-04-17T02:46:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/"},"wordCount":1004,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/","url":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/","name":"Whistleblower describes DOGE IT dept rampage at America's labor watchdog 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2025-04-17T02:46:12+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cso&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2aACggkuRwN5ghSghZE_7cwAAABA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/whistleblower-describes-doge-it-dept-rampage-at-americas-labor-watchdog\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Whistleblower describes DOGE IT dept rampage at America&#8217;s labor watchdog"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/58510","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=58510"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/58510\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=58510"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=58510"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=58510"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}