Elon Musk’s DOGE Is Getting Audited

By lambert
Headline
Elon Musk’s DOGE Is Getting Audited
URL
https://www.wired.com/story/gao-audit-elon-musk-doge-government-agencies/
URL (Archive)
https://archive.is/2025.04.09-182233/https://www.wired.com/story/gao-audit-elon…
Pubdate
One-liner
"The GAO’s review is expected to be completed by the end of spring."
Timeline
DOGE
Document Type
News and Analysis (Mainstream)
Venue
Wired
Byline
Leah Feiger
Tim Marchman
Report Excerpt

The Government Accountability Office (GAO) is auditing Elon Musk’s so-called Department of Government Efficiency (DOGE).

The probe, which has been ongoing since March, covers DOGE’s handling of data at several cabinet-level agencies, including the Departments of Labor, Education, Homeland Security, Health and Human Services, the Treasury, and the Social Security Administration, as well as the US DOGE Service (USDS) itself, according to sources and records reviewed by WIRED.

The audit, according to records reviewed by WIRED, is broadly centered on DOGE’s adherence to privacy and data protection laws and regulations. More specifically, according to records detailing GAO’s interactions with the Department of Labor (DOL), the agency will conduct a granular review of every system to which DOGE—defined in these records as USDS workers and members of the DOGE teams which an executive order directs every federal agency to establish—has been given access at the agencies it is examining. DOL did not respond to requests for comment.

Notes from a March 18 meeting, marked “Internal/Confidential,” show that a DOL lawyer presented colleagues with an overview of DOL’s interactions with DOGE. “So far,” the notes read, “they do not have write access. They have asked; we’ve held them at bay. We’ve tried to get them to tell us what they want & then we do it. They only have read access.” DOGE seems primarily interested, according to the notes, in pay systems and grants, and has signed an agreement detailing a “long list of things they won’t do.”

A record detailing an initial request from GAO for DOL documents, due at the end of March, shows that the agency was asked to show how it protected its systems, with the requested documentation covering, among other things, its policies on management of access to system accounts, training, the principles of separation of duties and least privilege, the use of portable storage devices, audit logging, and its insider threat program. These requests reference the National Institute of Standards and Technology publication Security and Privacy Controls for Information Systems and Organizations, which serves as a set of information security guidelines for federal systems not related to national security.

According to a Congressional aide, who spoke to WIRED on condition of anonymity because they are not authorized to be quoted in the media, the requests followed media reports on DOGE’s incursions into federal systems.

“The federal government, and actually most private companies as well, operate on the principle that data should be protected,” they say.

“Has this data been exported outside of the agencies?” they add. “Is it being accessed or used by hackers or private citizens, or maybe it’s being used to train AI models? I don’t know.”

The GAO’s review is expected to be completed by the end of spring, according to records reviewed by WIRED. Congressional sources say it will yield a report that will be made public.

Kicker
Data Exfiltration
Government Entity
Government Accountability Office
Department of Labor
National Institute of Standards and Technology
Tags
access

Add new comment

About text formats
You have the option to tag the comment. When you start typing in the "Comment Tags" field, a dropdown with existing tags will appear; use these if possible. You can create tags that do not appear in the dropdown, but please remember that this is a family blog.