Federal workers have filed an emergency lawsuit demanding that courts mandate that Elon Musk’s Department of Government Efficiency shuts down the server it has set up at the US Office of Personnel Management’s (OPM) headquarters.
Wired reports that an attorney representing two unidentified government workers is alleging that “the server’s continued operation not only violates federal law but is potentially exposing vast quantities of government staffers’ personal information to hostile foreign adversaries through unencrypted email.”
The complaint alleges that the DOGE server was installed “without OPM—the government’s human resources department—conducting a mandatory privacy impact assessment required under federal law,” writes Wired.
Standard operating procedure for when federal employees (even the “special federal employees”) connect unauthorized devices to secure networks is to confiscate the device. Permanently.
You know the drill. Kill the server, extract the TPM keys (if applicable), yank the hard drives, and then nuke the rest of the server. Pass the keys and drives to forensics to check code and logs, and file the results as evidence for prosecution.
Seriously, there is no way that server met any of the DISA compliance requirements.
Would love for that to happen but with the DoJ recently telling Elon they’d be happy to prosecute anyone getting in the way of DOGE I doubt that any of that is gonna happen.