Based on whistleblower complaints, congressional investigations, and the assessments of cybersecurity experts, the likelihood that the Department of Government Efficiency (DOGE) has scraped databases and installed functional "backdoors" into executive branch systems is extremely high. In several instances, these actions have been credibly alleged as documented facts.
Tasked with identifying government waste, DOGE personnel were granted unprecedented access to the internal networks of dozens of federal agencies. However, reports indicate that they routinely bypassed standard cybersecurity protocols to extract data and hide their digital footprints.
Here is a breakdown of the evidence regarding DOGE's data scraping and backdoor access:
1. Web Scraping and Database Exfiltration
There is concrete evidence that DOGE operatives have utilized specialized tools to scrape and siphon massive amounts of sensitive data from federal databases:
- Scraping Tools at the NLRB: In a formal whistleblower complaint, Daniel Berulis, a security architect at the National Labor Relations Board (NLRB), revealed that DOGE employees siphoned roughly 10 gigabytes of highly sensitive labor and union case files. IT logs showed that DOGE accounts downloaded Python code libraries from GitHub explicitly designed to rotate cloud IP addresses to generate "pseudo-infinite IPs for web scraping and brute forcing."
- Mass Data Consolidation: DOGE has secured sweeping access to databases at the Treasury Department, the Department of Education, the Department of Agriculture, and the Social Security Administration (SSA). Reports indicate DOGE operatives have copied massive troves of sensitive data—including financial records, student loan data, and identifying information—and fed it into unvetted commercial artificial intelligence software to analyze spending and the federal workforce.
2. Installing Backdoors and Bypassing Security
While DOGE may not be installing traditional malware, they have systematically forced federal IT departments to grant them unmonitored access and bypassed security perimeters, which cybersecurity experts classify as functional backdoors:
- The "BdoorExtract" Code: Following the NLRB breach, it was discovered that a DOGE engineer had written bespoke code saved to a public GitHub repository named NxGenBdoorExtract. Because "NxGen" is the name of the NLRB’s highly sensitive internal case management system, cybersecurity experts and House Democrats identified this as code likely designed as a digital backdoor to extract files from the agency.
- Unlogged "God Mode" Accounts: Whistleblowers reported that DOGE personnel demanded all-powerful "tenant admin" accounts that were explicitly exempted from network logging activity. They also created opaque virtual environments, or "containers," within government networks to run scripts secretly, allowing them to extract data without leaving an audit trail that agency IT staff could monitor.
- Rogue Hardware at OPM: Reports indicate that DOGE operatives physically bypassed the Office of Personnel Management's (OPM) IT security protocols by plugging an unvetted, unauthorized server and computers with unknown security controls directly into the federal network.
The Cybersecurity Fallout
Top cybersecurity experts, including Bruce Schneier, have warned that DOGE's "move fast and break things" approach has created catastrophic national security risks. By disabling audit logs, plugging unauthorized hardware into networks, and transferring sensitive data to unvetted environments, DOGE has inherently created vulnerabilities and backdoors that foreign adversaries can easily exploit.
These risks materialized almost immediately: Shortly after DOGE forced the creation of unmonitored admin accounts at the NLRB, security systems flagged over 20 login attempts using the exact, newly generated DOGE usernames and passwords. The login attempts originated from a Russian IP address and occurred within just 15 minutes of the accounts being created.
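The pattern described above, outside login attempts against an account within 15 minutes of its creation, is something a defender can correlate from identity logs. The following is an added example, not code from the reporting or from any agency's tooling; the event field names, the usernames, the trusted address range and the attempt threshold are all assumptions, and it presumes account-creation and login events are actually being logged.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events; field names, usernames and addresses are hypothetical.
EVENTS = [
    {"ts": "2025-01-01T03:00:00", "type": "account_created", "user": "new-admin-01", "src_ip": "10.1.2.3"},
    {"ts": "2025-01-01T03:02:10", "type": "login_attempt", "user": "new-admin-01", "src_ip": "10.1.2.3"},
    {"ts": "2025-01-01T03:04:00", "type": "login_attempt", "user": "new-admin-01", "src_ip": "203.0.113.7"},
    {"ts": "2025-01-01T03:05:30", "type": "login_attempt", "user": "new-admin-01", "src_ip": "203.0.113.7"},
    {"ts": "2025-01-01T03:09:45", "type": "login_attempt", "user": "new-admin-01", "src_ip": "203.0.113.7"},
    {"ts": "2025-01-01T03:40:00", "type": "login_attempt", "user": "new-admin-01", "src_ip": "203.0.113.7"},
    {"ts": "2025-01-01T03:06:00", "type": "login_attempt", "user": "old-user", "src_ip": "198.51.100.9"},
]

# Assumed internal address space; replace with the organization's real egress ranges.
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]


def is_trusted(ip, nets):
    """True if the source address falls inside any trusted network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in nets)


def flag_new_account_logins(events, trusted_nets,
                            window=timedelta(minutes=15), min_attempts=3):
    """Return {user: [(timestamp, src_ip), ...]} for accounts that received at
    least min_attempts login attempts from untrusted addresses within
    `window` of the account's creation event."""
    created = {}
    hits = defaultdict(list)
    # ISO-8601 timestamps in one format sort correctly as strings.
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        if ev["type"] == "account_created":
            created[ev["user"]] = ts
        elif ev["type"] == "login_attempt" and ev["user"] in created:
            age = ts - created[ev["user"]]
            if age <= window and not is_trusted(ev["src_ip"], trusted_nets):
                hits[ev["user"]].append((ev["ts"], ev["src_ip"]))
    return {user: a for user, a in hits.items() if len(a) >= min_attempts}


if __name__ == "__main__":
    for user, attempts in flag_new_account_logins(EVENTS, TRUSTED_NETS).items():
        print(user, len(attempts), "untrusted attempts within 15 minutes of creation")
```

Accounts exempted from logging produce no events for a rule like this to correlate, which is why the logging exemptions described earlier remove the detection as well as the audit trail.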
In response to these incursions, lawmakers have introduced legislation—such as the Protecting Seniors' Data Act—which would direct the Government Accountability Office (GAO) to conduct top-to-bottom cybersecurity audits of federal networks specifically to find and remove any backdoors, bugs, or vulnerabilities left behind by DOGE operatives.
