Comment by timewizard
19 hours ago
The article is written very poorly. The disclosure itself is far more readable.
https://whistlebloweraid.org/wp-content/uploads/2025/04/2025...
19 hours ago
The article is written very poorly. The disclosure itself is far more readable.
https://whistlebloweraid.org/wp-content/uploads/2025/04/2025...
Also this PDF contains a detail I haven't seen reported elsewhere:
> Furthermore, on Monday, April 7, 2025, while my client and my team were preparing this disclosure, someone physically taped a threatening note to Mr. Berulis’ home door with photographs – taken via a drone – of him walking in his neighborhood. The threatening note made clear reference to this very disclosure he was preparing for you
It's an interesting detail because if true -- and I fully assume it is -- the intention likely wasn't to dissuade him from going public, but instead to make him look like a conspiratorial nut. When I first saw this story and heard that "drone shot of him / threatening note" I admit that I immediately assumed it was a flake, but on further details I think that was actually the reason for doing that.
Thanks. So the tools downloaded from GitHub were allegedly used to scrape personally-identifiable information (PII), details about ongoing legal cases, union-related data, and corporate secrets. The whistleblower observed large spikes in outbound data traffic, suggesting that gigabytes of sensitive information were exfiltrated with logging disabled, so as not to leave a trail.
Yes, this is much more clear than the article.