DOGE staffer violated security policies at Treasury Department, court filing shows | CyberScoop<\/title> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/doge-violated-security-policies-treasury-court-filing\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"DOGE staffer violated security policies at Treasury Department, court filing shows\"> <meta property=\"og:description\" content=\"The filing was part of a case brought by state attorneys general seeking to block DOGE access to sensitive information.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/doge-violated-security-policies-treasury-court-filing\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-03-17T17:30:22+00:00\"> <meta property=\"article:modified_time\" content=\"2025-03-17T17:30:25+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1281\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Tim Starks\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@timstarks\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1739294329g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1741103352g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1740691656g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=a815169637cf454b7376\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/83881\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.7.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=83881\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fdoge-violated-security-policies-treasury-court-filing%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fdoge-violated-security-policies-treasury-court-filing%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-83881 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/doge-violated-security-policies-treasury-court-filing\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"5.12\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Nominations can be submitted for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.621061359867\">\n<div class=\"single-article__header-content\" readability=\"34.181818181818\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/doge-violated-security-policies-treasury-court-filing\/\"> <span>Government<\/span> <\/a> <\/li>\n<\/ul>\n<p> The filing was part of a case brought by state attorneys general seeking to block DOGE access to sensitive information. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/83881\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"427\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows.jpg?resize=640%2C427&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-2.jpg?resize=1536,1025 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-2.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-2.jpg?resize=1012,675 1012w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-2.jpg?resize=1264,843 1264w\" sizes=\"(max-width: 1012px) 100vw, 1012px\"><figcaption> A demonstrator holds up a sign during a rally in front of the U.S. Treasury Department in protest of Elon Musk and the Department of Government Efficiency on Feb. 4. (Photo by Anna Rose Layden\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"24.941860465116\"><body readability=\"52.015859766277\"><\/p>\n<p>A staffer for the Department of Government Efficiency (DOGE) violated security policies at the Treasury Department by improperly sharing sensitive personal information outside the agency, according to a court filing.<\/p>\n<p><a href=\"https:\/\/storage.courtlistener.com\/recap\/gov.uscourts.nysd.636609\/gov.uscourts.nysd.636609.116.1.pdf\">The filing<\/a> last week came in <a href=\"https:\/\/www.courtlistener.com\/docket\/69623558\/state-of-new-york-v-donald-j-trump\/\">a case<\/a> state attorneys general brought against President Donald Trump and Treasury Secretary Scott Bessent <a href=\"https:\/\/fedscoop.com\/treasury-payments-systems-doge-judge-ruling\/\">challenging DOGE access to Treasury records<\/a>.<\/p>\n<p>DOGE staffer Marko Elez, who resigned in February after <a href=\"https:\/\/www.wsj.com\/tech\/doge-staffer-resigns-over-racist-posts-d9f11a93\">racist social media posts surfaced<\/a>, shared personally identifiable information in a spreadsheet with two General Services Administration officials, according to the filing from David Ambrose, named as the \u201cChief Security Officer\/Chief Privacy Officer\/Acting Chief Information Security Officer\u201d at Treasury\u2019s Bureau of the Fiscal Service (BFS).<\/p>\n<p>\u201cThe names in the spreadsheet are considered low risk PII because the names are not accompanied by more specific identifiers, such as social security numbers or birth dates,\u201d Ambrose wrote. \u201cElez\u2019s distribution of this spreadsheet was contrary to BFS policies, in that it was not sent encrypted, and he did not obtain prior approval of the transmission\u201d as required, he said.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Ambrose\u2019s declaration was one of two filed by the defense, but the state attorneys general didn\u2019t find them to be convincing evidence of careful security.<\/p>\n<p>\u201cPlaintiffs have quickly reviewed the contents of these declarations and they do nothing to allay any of the concerns expressed by the Court in its Opinion about the rushed and chaotic nature of the Treasury DOGE Team onboarding process,\u201d <a href=\"https:\/\/www.courtlistener.com\/docket\/69623558\/118\/state-of-new-york-v-donald-j-trump\/\">they wrote in response<\/a>. \u201cRather, these new declarations confirm that the Court\u2019s concerns were well founded.\u201d<\/p>\n<p>DOGE staffer Ryan Wunderly took Elez\u2019s place at Treasury. The plaintiffs insisted that adequate security safeguards still aren\u2019t in place.<\/p>\n<p>\u201cDefendants provide no specific description of what Wunderly\u2019s job duties will be or who will provide day-to-day supervision over Wunderly and the other Treasury DOGE Team members, nor do Defendants clarify the reporting lines for the Treasury DOGE Team members, which the Court found creates uncertainty over their employment status and authority to access Treasury systems,\u201d they wrote.<\/p>\n<p>More broadly, the actions of DOGE have <a href=\"https:\/\/cyberscoop.com\/musk-doge-opm-treasury-breach\/\">raised concerns<\/a> with cybersecurity experts who view the activity as, functionally, a data breach.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"author-card\" readability=\"7.7216117216117\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows-1.jpg?w=640&ssl=1\" alt=\"Tim Starks\"> <\/figure>\n<\/p><\/div>\n<div class=\"author-card__details\" readability=\"10.901098901099\">\n<h4 class=\"author-card__name\">Written by Tim Starks<\/h4>\n<p> Tim Starks is senior reporter at CyberScoop. His previous stops include working at The Washington Post, POLITICO and Congressional Quarterly. An Evansville, Ind. native, he’s covered cybersecurity since 2003. Email Tim here: <a href=\"mailto:tim.starks@cyberscoop.com\">tim.starks@cyberscoop.com<\/a>. <\/div>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/doge-violated-security-policies-treasury-court-filing\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>DOGE staffer violated security policies at Treasury Department, court filing<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3239,1673,2977,117,268,3909,509],"tags":[3241,1675,2979,119,274,3910,511],"class_list":["post-7449","post","type-post","status-publish","format-standard","hentry","category-department-of-government-efficency","category-department-of-treasury","category-federal-it","category-government","category-privacy","category-scott-bessent","category-treasury-department","tag-department-of-government-efficency","tag-department-of-treasury","tag-federal-it","tag-government","tag-privacy","tag-scott-bessent","tag-treasury-department"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-government-efficency\/\" rel=\"category tag\">Department of Government Efficency<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-treasury\/\" rel=\"category tag\">Department of Treasury<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/federal-it\/\" rel=\"category tag\">Federal IT<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/privacy\/\" rel=\"category tag\">Privacy<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/scott-bessent\/\" rel=\"category tag\">Scott Bessent<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/treasury-department\/\" rel=\"category tag\">Treasury Department<\/a>","tag_info":"Treasury Department","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7449","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7449"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7449\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7449"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7449"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7449"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7449,"date":"2025-03-17T12:30:22","date_gmt":"2025-03-17T17:30:22","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=83881"},"modified":"2025-03-17T12:30:22","modified_gmt":"2025-03-17T17:30:22","slug":"doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/03\/17\/doge-staffer-violated-security-policies-at-treasury-department-court-filing-shows\/","title":{"rendered":"DOGE staffer violated security policies at Treasury Department, court filing shows"},"content":{"rendered":"