A Federal Cybersecurity specialist has alleged in a statement of complaint of complaint on Tuesday that the Efficiency Department of President Donald Trump (Doge) caused a security violation in the National Board of Labor Relations and may have illegally eliminated delicate data of the Board.
The specialist, Daniel Berulis, made the accusations in an affidavit presented to the members of the Congress and a federal office of complainants, asking them to investigate what a violation of cyber security. His lawyer said that Berulis had also been attacked with a threatening note and photographs that showed him near where he lives. NPR first reported the statement, and NBC News has not independently verified the accusations.
The report of complainants, of which NBC News has reviewed a copy, occurs when the Doge and Trump billionaire advisor, Elon Musk, continues to face multiple demands by questioning their access to computer systems throughout the federal government.
Berulis, who works at the Work Board, wrote in the statement that a few days after Doge employees arrived in March, he noticed a series of “anomalous” events in the Board’s computer systems. Those included changes in the use of multifactor authentication, which is a widely used security protocol and internal alert systems that are deactivated, wrote in the 14 -page statement.
He also wrote that he tracked what seemed to be the transfer transfer of about 10 gigabytes or more data: “The equivalent of a complete encyclopedias battery” if the data were all text files, he wrote. He writes that the elimination was “extremely unusual because the data almost never leave the NLRB databases directly.”
The database to which Dege contained personal identification information of “plaintiffs and surveyed with pending issues before the agency”, as well as the confidential commercial information collected during the investigations, he wrote.
He added that after DeGe obtained access to the systems of the Work Board, there was an increase in the attempted locations of locations outside the United States, including a user with a Internet protocol address (IP) in Russia. He writes that the person with the Russian IP address seemed to have a correct username and password, created minutes before by Dege’s engineers, and was blocked from logging only by their location.
“Those attempts were blocked, but were especially alarming,” Berulis wrote.
Berulis included several screenshots from a computer work station that, according to him, are evidence that the data is transferred. He writes that he has almost two decades of experience in his field and has had a high secret security authorization.
Anna Kelly, a White House press secretary, said in a statement that Dege had been transparent about her work at the NLRB.
“It is a news of the months that President Trump signed an executive order to hire Dixes employees in agencies and coordinate data exchange,” he said. “His highly qualified team has been extremely public and transparent in his efforts to eliminate waste, fraud and abuse throughout the Executive Power, including NLRB,” he added. His statement did not address the alleged data transfer.
The NLRB and Musk did not immediately respond to comments requests. In a comment to NPR, a NLRB spokesman denied that the agency had granted access to Doge to its systems, he said that Dege had not requested access to the agency’s systems and said that an internal investigation carried out after Berulis raised his concerns “determined that there was no breach of the agency’s systems.”
In a litigation about Dege’s access to federal data, although not specifically in the NLRB, the Department of Justice has argued that Doge enjoys a radical authority to access the data under an executive order that Trump signed the first day of his second mandate. This executive order orders all the chiefs of agencies to take all the necessary measures “to ensure that Dege” has total and fast access to all the agency’s records, software systems and non -classified IT systems “to the” measure consisting of the law. ”
It was not clear immediately if Berulis’s dissemination would lead to an investigation. Two legislators to whom Berulis addressed his dissemination did not immediately respond to the requests for comments.
Andrew Bakaj, a lawyer who represents Berulis as a complainant, wrote in a letter to the members of the Congress that believed that the conduct in question violated the Federal Law on Modernization of Information Security, a 2014 law designed to protect government data, as well as the Federal Privacy Law.
“As is certainly aware, the practical, legal and national security implications of such intrusion are huge,” Bakaj wrote.
The lawyer also wrote that on April 7, while Berulis was preparing his written statement, someone physically recorded a threatening note for the door of his house along with photographs taken through a drone of him walking in his neighborhood.
“The threatening note made a clear reference to this same dissemination that I was preparing for you, such as the appropriate supervision authority. Although we do not specifically know who did this, we can only speculate that involved someone with the ability to access NLRB systems,” Bakaj wrote.
