GAO Report on DOGE Payments Access ‘just the Tip of the Iceberg’

By lambert
Headline
GAO report on DOGE payments access ‘just the tip of the iceberg’
URL
https://federalnewsnetwork.com/agency-oversight/2026/04/gao-report-on-doge-paym…
URL (Archive)
https://archive.md/zIcTy
Pubdate
One-liner
"[T]he agency couldn’t be bothered to get a signed access agreement from the employee or comply with other baseline safeguards."
Timeline
DOGE
Document Type
News and Analysis (Mainstream)
Venue
Federal News Network
Byline
Justin Doubleday
Report Excerpt

In comments on GAO’s draft report, Treasury ultimately agreed with the report’s recommendations to define minimum screening requirements for access payments data, strengthening training before granting access to sensitive systems, and update BFS’s process for reviewing emails with unencrypted payment information, among other suggestions.

Quinn Anex-Ries, a senior policy analyst at the Center for Democracy & Technology, called GAO’s findings “unnerving.”

“These findings only highlight the gravity of the issues at stake,” Anex-Ries told Federal News Network in an email. “Treasury failed to implement basic safeguards, resulting in DOGE employees inadvertently gaining modification and deletion authority in several systems. This left everyday people exposed to potential data errors or incorrect payment determinations.”

John Davisson, deputy director and director of enforcement at the Electronic Privacy Information Center (EPIC), said the report shows Treasury “flouted basic security safeguards” in the rush to give DOGE access to sensitive payment systems.

“Despite Treasury’s conclusion that one DOGE employee would be in a position to cause ‘inestimable damage’ to security interests, the agency couldn’t be bothered to get a signed access agreement from the employee or comply with other baseline safeguards,” Davisson wrote in an email. “And the result was predictable: that employee promptly broke the law and disclosed sensitive, unencrypted personal data to speed along the destruction of USAID.”

Both Anex-Ries and Davisson called GAO’s findings “the tip of the iceberg” in terms of what’s known about DOGE’s data access. GAO said today’s report “represents the preliminary results of our ongoing work reviewing DOGE access to Treasury systems.”

GAO also released a separate report today on how DOGE didn’t access National Labor Relations Board IT systems from April through mid-April through July 2025. However, GAO’s report doesn’t cover the period when a whistleblower alleged a DOGE representative compromised sensitive NLRB data. GAO said it didn’t want to overlap with an ongoing investigation by the NLRB inspector general.

* * *

Lambert here: A pretty light touch by GAO!

* * *

Kicker
Data Exfiltration
People
Quinn Anex-Ries
John Davisson
NGO
Center for Democracy and Technology
Electronic Privacy Information Center
Government Entity
Department of the Treasury
Bureau of the Fiscal Service
Government Accountability Office
National Labor Relations Board
Tags
access

Add new comment

About text formats
You have the option to tag the comment. When you start typing in the "Comment Tags" field, a dropdown with existing tags will appear; use these if possible. You can create tags that do not appear in the dropdown, but please remember that this is a family blog.