A federal cybersecurity specialist revealed that someone using a Russian IP address attempted to access National Labor Relations Board (NLRB) systems shortly after the Department of Government Efficiency (DOGE) received system credentials.
Daniel Berulis, a DevSecOps architect at NLRB, disclosed in a whistleblower statement that multiple login attempts from Primorsky Krai, Russia occurred within 15 minutes of DOGE engineers creating new user accounts. The login attempts appeared to use valid usernames and passwords but were blocked due to the agency's policy preventing international access.
The disclosure details broader concerns about DOGE's activities within NLRB systems. Berulis reported approximately 10GB of sensitive data was extracted from secured locations, though the specific files accessed remain unclear. The database contains private information including pending legal cases, union details, and corporate data.
According to Berulis, DOGE officials received unusually broad system access - "tenant owner" permissions in Microsoft Azure that exceeded normal auditor roles and even the Chief Information Officer's access level. IT staff were instructed not to maintain standard logs or records of the DOGE account creation process.
The NLRB denies any breach occurred. Acting Press Secretary Tim Bearese stated the agency investigated Berulis' concerns and "determined that no breach of agency systems occurred." Bearese also denied that DOGE was granted or requested system access.
Following the disclosure, Rep. Gerry Connolly (D-Va.) called for inspector general investigations at both NLRB and the Department of Labor regarding potential "technological malfeasance and illegal activity" by DOGE employees.
Berulis reported receiving a threatening note at his home, accompanied by drone-captured photos of him walking in his neighborhood, while preparing the whistleblower disclosure. His legal counsel notified law enforcement about the April 7 incident.
The case adds to ongoing controversy around DOGE's access to government systems under the Trump administration. Multiple lawsuits have challenged the scope of DOGE's data access, with one describing it as "the largest and most consequential data breach in US history."