Comment by rtkwe

Take your pick it was widely reported and you can read the original whistleblower report;

https://whistlebloweraid.org/wp-content/uploads/2025/04/2025... - page 2 & 11

"This declaration details DOGE activity within NLRB, the exfiltration of data from NLRB systems, and – concerningly – near real-time access by users in Russia. Notably, within minutes of DOGE personnel creating user accounts in NLRB systems, on multiple occasions someone or something within Russia attempted to login using all of the valid credentials (eg. Usernames/Passwords)"

"For example: In the days after DOGE accessed NLRB’s systems, we noticed a user with an IP address in Primorskiy Krai, Russia started trying to log in. Those attempts were blocked, but they were especially alarming. Whoever was attempting to log in was using one of the newly created accounts that were used in the other DOGE related activities and it appeared they had the correct username and password due to the authentication flow only stopping them due to our no-out-of-country logins policy activating. There were more than 20 such attempts, and what is particularly concerning is that many of these login attempts occurred within 15 minutes of the accounts being created by DOGE engineers."

https://krebsonsecurity.com/2025/04/whistleblower-doge-sipho...

https://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-...