In the first days of March, a team of advisers from President Trump’s new Department of Government Efficiency initiative arrived at the Southeast Washington, D.C., headquarters of the National Labor Relations Board.
The DOGE employees, who are effectively led by White House adviser and billionaire tech CEO Elon Musk, appeared to have their sights set on accessing the NLRB’s internal systems. They’ve said their unit’s overall mission is to review agency data for compliance with the new administration’s policies and to cut costs and maximize efficiency.
But according to an official whistleblower disclosure shared with Congress and other federal overseers that was obtained by NPR, subsequent interviews with the whistleblower and records of internal communications, technical staff members were alarmed about what DOGE engineers did when they were granted access, particularly when those staffers noticed a spike in data leaving the agency. It’s possible that the data included sensitive information on unions, ongoing legal cases and corporate secrets — data that four labor law experts tell NPR should almost never leave the NLRB and that has nothing to do with making the government more efficient or cutting spending.
Meanwhile, according to the disclosure and records of internal communications, members of the DOGE team asked that their activities not be logged on the system and then appeared to try to cover their tracks behind them, turning off monitoring tools and manually deleting records of their access — evasive behavior that several cybersecurity experts interviewed by NPR compared to what criminal or state-sponsored hackers might do.
“I can’t attest to what their end goal was or what they’re doing with the data,” said the whistleblower, Daniel Berulis, in an interview with NPR. “But I can tell you that the bits of the puzzle that I can quantify are scary. … This is a very bad picture we’re looking at.”
The whistleblower’s story sheds further light on how DOGE is operating inside federal systems and comes on the heels of testimony in more than a dozen court cases across the United States that reveal how DOGE rapidly gained access to private financial and personal information on hundreds of millions of Americans. It’s unclear how or whether DOGE is protecting the privacy of that data. Meanwhile, the threatening note, though its origins are unknown, is reflective of the current climate of fear and intimidation toward whistleblowers.
NPR’s extensive reporting makes clear that DOGE’s access to data is a widespread concern. Across the government, 11 sources directly familiar with internal operations in federal agencies and in Congress told NPR that they share Berulis’ concerns, and some have seen other evidence that DOGE is exfiltrating sensitive data for unknown reasons.
Massachusetts Institute of Technology graduate and DOGE engineer Jordan Wick had been sharing information about coding projects he was working on to his public account with GitHub, a website that allows developers to create, store and collaborate on code.
After journalist Roger Sollenberger started posting on X about the account, Berulis noticed something Wick was working on: a project, or repository, titled “NxGenBdoorExtract.”
Wick made it private before Berulis could investigate further, he told NPR. But to Berulis, the title itself was revealing.
“So when I saw this tool, I immediately panicked, just for lack of a better term,” he said. “I kind of had a conniption and said, ‘Whoa, whoa, whoa.’” He immediately alerted his whole team.
While NPR was unable to recover the code for that project, the name itself suggests that Wick could have been designing a backdoor, or “Bdoor,” to extract files from the NLRB’s internal case management system, known as NxGen, according to several cybersecurity experts who reviewed Berulis’ conclusions.
NxGen is an internal system that was designed specifically for the NLRB in-house, according to several of the engineers who created the tool and who all spoke to NPR on condition of anonymity to avoid retaliation or adverse consequences for any future government work.
The engineers explained that while many of the NLRB’s records are eventually made public, the NxGen case management system hosts proprietary data from corporate competitors, personal information about union members or employees voting to join a union, and witness testimony in ongoing cases. Access to that data is protected by numerous federal laws, including the Privacy Act.
Add new comment