Top House Democrat says DOGE data access at NLRB may be ‘technological malfeasance’

The top Democrat on the House Oversight Committee is calling for an investigation into DOGE’s access to the National Labor Relations Board following exclusive NPR reporting on sensitive data being removed from the agency.

Ranking Member Gerry Connolly, D-Va., sent a letter Tuesday to Acting Inspector General at the Department of Labor Luiz Santos and Ruth Blevins, inspector general at the NLRB, expressing concern that DOGE “may be engaged in technological malfeasance and illegal activity.”

“According to NPR and whistleblower disclosures obtained by Committee Democrats, individuals associated with DOGE have attempted to exfiltrate and alter data while also using high-level systems access to remove sensitive information—quite possibly including corporate secrets and details of union activities,” Connolly wrote in a letter first shared with NPR. “I also understand that these individuals have attempted to conceal their activities, obstruct oversight, and shield themselves from accountability.”

According to an official whistleblower disclosure shared with NPR, interviews with the whistleblower and records of internal communications, technical staff members at the NLRB were alarmed about what DOGE engineers did when they were granted access, particularly when those staffers noticed a spike in data leaving the agency.

“I can’t attest to what their end goal was or what they’re doing with the data,” the whistleblower, Daniel Berulis, said in an interview with NPR. “But I can tell you that the bits of the puzzle that I can quantify are scary. … This is a very bad picture we’re looking at.”

Connolly shared similar concerns in his letter, highlighting the fact that billionaire businessman and DOGE leader Elon Musk’s companies like SpaceX, Tesla and X have cases pending before the NLRB and the Department of Labor.

Berulis saw around 10 gigabytes of data leave NLRB’s network — or the equivalent of a full stack of encyclopedias if someone printed them. Much of that data came from a system that houses information about pending cases, proprietary data from corporate competitors, personal information about union members or employees voting to join a union, and witness testimony. Access to that data is protected by numerous federal laws, including the Privacy Act.

The letter asks the inspectors general to answer a number of questions regarding ways DOGE may have potentially violated federal law, including any NLRB networks DOGE staffers had access to and what records of DOGE’s work within NLRB systems exist.

NPR reported DOGE staffers demanded “tenant owner level” access, which offers essentially unrestricted permission to read, copy and alter data, according to the whistleblower disclosure to Congress. The disclosure also noted that controls to prevent insecure or unauthorized mobile devices from logging on to the system without the proper security settings were disabled, an interface was exposed to the public internet and internal alerting and monitoring systems were found to be manually turned off, among other things.

Someone with an IP address in Russia tried to log in with the username and password of a newly created DOGE account just minutes after its creation, the disclosure reads.

In over a dozen lawsuits in federal courts around the United States, judges have demanded that DOGE explain why it needs such expansive access to sensitive data on Americans, from Social Security records to private medical records and tax information. But the Trump administration has been unable to give consistent and clear answers, largely dismissing cybersecurity and privacy concerns.