A new lawsuit filed against the Department of Government Efficiency (DOGE) has raised serious concerns about the breach of security protocols at USAID. Employees have accused DOGE workers of gaining unauthorized access to highly confidential data, including security clearance files, personal financial records, and sensitive information about USAID staff deployed in conflict zones. According to the lawsuit, DOGE staff had root access to these systems, allowing them full control without the necessary security clearances to handle such information. This access reportedly included personal data like Social Security numbers, passport details, and emergency safety codes.
The lawsuit claims that after gaining root access in February, DOGE workers caused significant disruptions by blocking hundreds of USAID employees from accessing critical services such as email and safety applications. These apps are crucial for staff working in high-risk areas to signal distress and receive emergency assistance. The case also highlights incidents where sensitive contact lists and safety applications were remotely deleted from phones belonging to employees, putting them at risk while stationed overseas.
According to the plaintiffs, DOGE’s actions also resulted in the transfer of sensitive data outside of USAID’s systems.
One of the plaintiffs, a cybersecurity worker at USAID, alerted her supervisors after discovering that DOGE staff were attempting to breach agency systems. The worker’s investigation led her to conclude that DOGE employees were hackers, prompting concern over the integrity of the agency’s cybersecurity efforts. The lawsuit also points to Elon Musk’s involvement, accusing him of using his access to USAID data to scrutinize the financial backgrounds of employees. The plaintiffs argue that these actions were not only a violation of security protocols but also a breach of privacy, further exposing the organization to vulnerabilities.
In addition to the operational and security breaches, the lawsuit underscores the risks to USAID employees who may have been doxxed as a result of DOGE’s unauthorized access. The disruption to communications and loss of access to vital safety tools left many workers vulnerable, especially those stationed in conflict zones or high-risk areas. The lawsuit calls for accountability for DOGE’s actions, emphasizing the need for stricter oversight to prevent further breaches and safeguard the personal data of government employees.
