Comment by 9283409232

The issue is we don't know what they took and they took steps to hide their tracks. This is whacked territory we are in. You can defend it but normally there are checks and controls in government for a reason. The fact that we are normalizing that certain very ideologically groups in government do not have checks and balances is pretty strange - based on nothing more than a "trust us, we are the good guys." This never works out in the end.

> Then, Berulis started tracking sensitive data leaving the places it's meant to live, according to his official disclosure. First, he saw a chunk of data exiting the NxGen case management system's "nucleus," inside the NLRB system, Berulis explained. Then, he saw a large spike in outbound traffic leaving the network itself.

> From what he could see, the data leaving, almost all text files, added up to around 10 gigabytes — or the equivalent of a full stack of encyclopedias if someone printed them, he explained. It's a sizable chunk of the total data in the NLRB system, though the agency itself hosts over 10 terabytes in historical data. It's unclear which files were copied and removed or whether they were consolidated and compressed, which could mean even more data was exfiltrated.

> Berulis says someone appeared to be doing something called DNS tunneling to prevent the data exfiltration from being detected. He came to that conclusion, outlined in his disclosure, after he saw a traffic spike in DNS requests parallel to the data being exfiltrated, a spike 1,000 times the normal number of requests.

> And Berulis noticed that an unknown user had exported a "user roster," a file with contact information for outside lawyers who have worked with the NLRB.

And more if you actually read the article. About a third of it is about the data that was taken.