US DOGE.gov Website Found Wide Open

Uploaded on 2025-02-17 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Elon Musk’s Department of Government Efficiency (DOGE) website has allowed hackers from hostile countries to get into the DOGE website and put up fake and unedited information.

Indeed, as DOGE recently started publishing information about its activities it was apparent that DOGE was not the only entity publishing on the site.

Two web developers, working independently, found that it is possible to push updates to the DOGE.gov domain, which supposed be an official US government website. Their messages stayed on the website for at least 12 hours and remained visible for some time.

The DOGE website was launched in January 2025 and has had a single landing page containing very little information. The website only started being populated recently with some figures apparently showing the size of the US government, and this problem comes just after Musk promised his organisation would be “maximally transparent.” 

That transparency appears have gone a step too far, as the site appears to include classified material that should not be published.

In an attempt to  provide greater clarity, right now it looks like the DOGE.gov website is, in fact not secure, pulling information from from an exposed  database that can apparently be edited by anyone.

 The Verge   |   404Media   |   Reddit   |   Wired   |   Y Combinator   |   Ars Technica   

Image:  @DOGE

You Might Also Read: 

Trump 2.0: Cyberwarfare To Reach New Heights:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Britain Fast-Tracks Military Recruitment For Cyber Defence
Navigating The Latest Paths In Cybersecurity Certification »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CERT-AM

CERT-AM

CERT-AM is the national Computer Emergency Response Team for Armenia.

GE Digital

GE Digital

GE Digital is a leading software company for the Industrial Internet. Products include Industrial Cyber Security for Operational Technology (OT).

TruSTAR Technology

TruSTAR Technology

TruSTAR is a threat intelligence exchange platform built to protect and incentivize information sharing.

AnubisNetworks

AnubisNetworks

AnubisNetworks is one of Europe’s leading threat intelligence and email security suppliers.

Center for Research on Scientific & Technical Information (CERIST)

Center for Research on Scientific & Technical Information (CERIST)

CERIST is a scientific and technical research centre with activities focused in the area of networks, information systems and IT security.

Trustless Computing Association (TCA)

Trustless Computing Association (TCA)

TCA is is a non-profit organization promoting the creation and wide availability of IT and AI technologies that are radically more secure and accountable than today’s state of the art.

ACROS Security

ACROS Security

ACROS Security is a leading provider of security research, real penetration testing and code review for customers with the highest security requirements.

Uptycs

Uptycs

Uptycs combines the open source universal agent, osquery, with a scalable security analytics platform for fleet visibility, intrusion detection, vulnerability monitoring and compliance.

Foretrace

Foretrace

Foretrace aims to prevent, assess, and contain the exposure of customer accounts, domains, and systems to malicious actors.

Sikich

Sikich

Sikich LLP is a leading professional services firm specializing in accounting, advisory, technology and managed services.

Pathlock

Pathlock

Pathlock (formerly Greenlight) help enterprises and organizations automate the enforcement of any process, access, or IT general control, for any business application.

EasyDMARC

EasyDMARC

EasyDMARC deliver the most comprehensive product for anyone who strives to build the most secure possible defence system for their email ecosystem.

ProArch

ProArch

ProArch is a global team of multidisciplinary experts in cloud, infrastructure, data analytics, cybersecurity, compliance, and software development.

Alpha Echo

Alpha Echo

Specialising in security advice and enterprise-wide Cyberworthiness, Alpha Echo helps Australia deliver on cyber outcomes at a military grade level.

Efex

Efex

Efex is one of Australia’s leading Managed Technology Solutions providers. We service local companies across Australia, providing accessible, fast and straightforward IT.

Digital & Intelligence Service (DIS)

Digital & Intelligence Service (DIS)

DIS is the fourth Service of the SAF, here to defend and dominate in the digital domain, and achieve peace and security for our land.