every thing you said is false or plain exaggeration.
DOGE are not random people, they are government employees using government owned laptops to do audit on the orders of the President (DOGE is a renamed US Department of Digital Services).
Just because they analyze the data, journalists assume something nefarious going on, without the actual knowledge of actual risks:
Based on what they do, they only need read-only access to the General ledger transactions. I highly doubt they have access to modify COBOL programs on Treasury mainframes, but rather just operate off of read-only replicas/backups to read and analyze the data.
there are no risks to the Tresury system in this scenario.
There are risks to citizen data. Read access to Treasury includes access to millions of SSN and Social Security payments, tax data and tax payments, federal contract payments including for classified projects, and the routing and account numbers for all of those people and companies.
DOGE staff are bringing laptops in themselves. The previous U.S. Digital Service staff are firewalled from DOGE, including the IT teams who issue and manage equipment.
And DOGE staff are using these random laptops to copy all this sensitive data into private cloud accounts for storage and analysis.
That level of exfiltration of sensitive data is nefarious, and illegal, which is why a federal judge has issued an order to halt it.
Please read the linked article. Itβs by a deeply experienced and well-regarded security expert. I get that people are excited to dig out fraud, but sensitive data must remain secure in the process.
there are no risks to citizen data of the data is properly handled.
SSNs are being leaked every year by every large consumer and finance company, its not even that much of an issue anyways.
SSN is not supposed to be secret info anyways, and any system that allows stealing money just because someone happens to know SSN - deserves to go bankrupt
There is an article said that a DOGE member had write access as well (See [1]). But it was quickly changed back to read only. So there was a risk, but I can only hope nothing happened.
DOGE are not random people, they are government employees using government owned laptops to do audit on the orders of the President (DOGE is a renamed US Department of Digital Services).
Just because they analyze the data, journalists assume something nefarious going on, without the actual knowledge of actual risks:
Based on what they do, they only need read-only access to the General ledger transactions. I highly doubt they have access to modify COBOL programs on Treasury mainframes, but rather just operate off of read-only replicas/backups to read and analyze the data.
there are no risks to the Tresury system in this scenario.