US DOGE.gov Website Found Wide Open

Uploaded on 2025-02-17 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Elon Musk’s Department of Government Efficiency (DOGE) website has allowed hackers from hostile countries to get into the DOGE website and put up fake and unedited information.

Indeed, as DOGE recently started publishing information about its activities it was apparent that DOGE was not the only entity publishing on the site.

Two web developers, working independently, found that it is possible to push updates to the DOGE.gov domain, which supposed be an official US government website. Their messages stayed on the website for at least 12 hours and remained visible for some time.

The DOGE website was launched in January 2025 and has had a single landing page containing very little information. The website only started being populated recently with some figures apparently showing the size of the US government, and this problem comes just after Musk promised his organisation would be “maximally transparent.” 

That transparency appears have gone a step too far, as the site appears to include classified material that should not be published.

In an attempt to  provide greater clarity, right now it looks like the DOGE.gov website is, in fact not secure, pulling information from from an exposed  database that can apparently be edited by anyone.

 The Verge   |   404Media   |   Reddit   |   Wired   |   Y Combinator   |   Ars Technica   

Image:  @DOGE

You Might Also Read: 

Trump 2.0: Cyberwarfare To Reach New Heights:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Britain Fast-Tracks Military Recruitment For Cyber Defence
Navigating The Latest Paths In Cybersecurity Certification »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSO

CSO

CSO serves enterprise security decision-makers and users with the critical information they need to stay ahead of evolving threats and defend against criminal cyberattacks.

Kaspersky Lab

Kaspersky Lab

Kaspersky Lab is one of the world’s largest privately held vendors of endpoint cybersecurity solutions.

Applause

Applause

Applause provides real-world software testing for functionality, usability, accessibility, load, localization and security.

ThetaRay

ThetaRay

ThetaRay’s solution for Industrial cyber security protects against unknown cyber-attacks that target industry and critical infrastructure.

Nixu

Nixu

Nixu is the largest Nordic specialist company in information security consulting.

Digital Guardian

Digital Guardian

Digital Guardian is a next generation data protection platform designed to stop data theft.

ZenMate

ZenMate

ZenMate is a Virtual Private Network services provider offering secure encrypted access to the internet.

miniOrange

miniOrange

miniOrange is a cloud and on-premise based identity and access management (IAM) solution provider.

InnoValor

InnoValor

InnoValor realises value from digital innovation for organisations and government. We provide advisory services and develop innovative software solutions, based on our background in research.

GlobalPlatform

GlobalPlatform

GlobalPlatform’s specifications are highly regarded as the international standard for enabling digital services and devices to be trusted and securely managed throughout their lifecycle.

BitNinja

BitNinja

BitNinja provides full-stack server security in one easy-to-use protection suite. Enjoy real-time protection, automatic false positive handling and threat analysis for more in-depth insights.

Lattice Semiconductor

Lattice Semiconductor

Lattice Semiconductor solves customer problems across the network, from the Edge to the Cloud, in the growing communications, computing, industrial, automotive and consumer markets.

South East Cyber Resilience Centre (SECRC)

South East Cyber Resilience Centre (SECRC)

The South East Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

Huntr

Huntr

Huntr provides a single place for security researchers to submit vulnerabilities, to ensure the security and stability of AI/ML applications.

Qi An Xin (QAX)

Qi An Xin (QAX)

QAX is a listed company based in China, and a leader in cybersecurity industry, providing new generation enterprise-level and national-level cybersecurity solutions.

DRT Cyber

DRT Cyber

DRT Cyber deploys technology solutions to support the functions of cybersecurity, privacy, and risk management.