A whistleblower inside the National Labor Relations Board (NLRB) has come forward with alarming claims that Elon Musk’s tech team at DOGE gained unauthorized access to sensitive government databases—and possibly passed information through Starlink, raising red flags about national cybersecurity.
Daniel Berulis, an IT staffer at the NLRB, has filed a formal whistleblower complaint and publicly shared his concerns in a televised interview alongside his attorney, Andrew Bakaj. Together, they allege that DOGE employees infiltrated government systems, created new login credentials, and within minutes, those very credentials were used from Russian IP addresses to access the agency’s network.
But the claims don’t stop there. Bakaj says the exfiltration of data didn’t happen through conventional internet channels—it allegedly happened via Starlink, SpaceX’s satellite internet system, which Musk also owns. If true, it suggests a disturbing new possibility: that private tech infrastructure could be exploited to route stolen government data internationally, bypassing traditional safeguards.
Sensitive Data Disappears Without a Trace
The scale of the alleged breach is staggering. According to Berulis, roughly 10 gigabytes of data were taken—comparable to printing an entire encyclopedia set worth of documents. This data reportedly includes classified internal communications, details about labor organizing efforts, and sensitive investigations into workplace misconduct.
Berulis claims that DOGE staffers accessed this data under the radar, using freshly created usernames and passwords. In a detail that stunned many, Bakaj revealed that almost immediately after these credentials were created, login attempts were detected coming from Russia—using the exact same credentials. “This wasn’t guesswork,” Bakaj emphasized. “These logins were happening within 15 minutes, and they were accurate.”
Starlink Used as a Data Pipeline?
One of the most startling revelations is the alleged use of Starlink in the data transfer. Starlink, widely praised for providing internet access in remote areas and during crises, may have also been used as a tool for moving government data out of secure systems.
“DOGE was using Starlink to exfiltrate data,” Bakaj stated plainly. “From what we’ve gathered, that effectively created a direct pipeline from U.S. government systems to Russia.”
This accusation is particularly troubling because Starlink has been embraced by both public and private entities—including international allies—for its reliability and global reach. If its channels were used for unauthorized data transfers, it raises deeper questions about the oversight of private technology in public infrastructure.
A Systemic Cybersecurity Failure?
Berulis and his attorney stress that this wasn’t a one-off incident. According to their investigation, many other federal systems may be exposed in similar ways. They referenced critical databases tied to agencies like the Department of Energy and the Nuclear Regulatory Commission—systems that should never be vulnerable to outside access.
Bakaj compared the situation to a nuclear disaster: “It’s like Chernobyl. All the warning lights are going off after the meltdown. We’re seeing signs that something catastrophic has already happened—or is about to.”
This isn’t just a concern for IT departments. It raises national security issues about who has access to government systems, how data is being handled, and whether foreign actors are already inside U.S. networks.
Questioning Government Transparency
Berulis also pushed back against recent statements from the White House, which praised internal transparency and technical oversight. He says there’s a major disconnect between those claims and what’s happening behind the scenes.
“No one has audited what DOGE did,” Berulis said. “The code isn’t public. No third-party has reviewed any of this. Yet the public is being told that everything is fine.”
His frustration reflects a growing concern among cybersecurity professionals that officials are downplaying serious threats in the name of public confidence.
Growing Calls for Accountability
The allegations have already reached Congress, and lawmakers are reviewing Berulis’s whistleblower complaint. Some national security experts are calling for immediate action—including independent audits, stricter controls over private sector access to federal systems, and a deep investigation into Starlink’s role in federal data transmission.
“This could be a wake-up call,” Bakaj said. “If we don’t act now, we’re leaving ourselves wide open to foreign influence and future attacks.”
“Just the Beginning”
As troubling as these claims are, Berulis and Bakaj believe this incident may only scratch the surface. With tech firms increasingly entangled in government operations, there’s growing concern that a lack of accountability could lead to further breaches—or worse.
“This is just the tip of the iceberg,” Bakaj warned. “Dan took a huge risk in stepping forward. He’s done his part. Now it’s time for the government to step up and protect not only the whistleblower, but the entire country’s data infrastructure.”
What happens next could determine how the U.S. responds to the growing intersection of private tech power, public governance, and international cyber threats.
