One of the Department of Government Efficiency (DOGE) employees, Marko Elez, has been involved in a severe breach of Treasury Department policy. Elez, who once worked for Elon Musk’s companies, SpaceX and X, was responsible for managing Treasury payments. He resigned after racist social media posts linked to him became public. However, he was re-employed by DOGE at the Social Security Administration afterwards.
The breach occurred when Elez emailed a spreadsheet of personal data to two Trump administration officials. The spreadsheet listed names, transaction types, and dollar amounts but not sensitive identifiers such as Social Security numbers or birth dates. The Treasury’s privacy officer, David Ambrose, had classified this data as “low-risk personally identifiable information” (PII). But sending such data unencrypted and without prior written authorization was a violation of Bureau of Fiscal Service policies.
Elez’s actions have raised questions about the security protocols and oversight in effect at DOGE, particularly since it accesses sensitive government databases across various agencies. A forensic audit conducted by the Treasury Department found that Elez had briefly been granted read-write access to confidential data, even though it had earlier been assured that his access was read-only. Although he made no changes to records, the unauthorized disclosure of personal data has highlighted a lack of sufficient training and oversight within DOGE.
This incident is part of a broader lawsuit filed by 19 state attorneys general, who are attempting to prevent DOGE from gaining access to confidential payment information on U.S. taxpayers, contractors, employees, and beneficiaries. The lawsuit argues that DOGE’s access to Treasury systems risks dire consequences, including potential disruptions to social support payments and even federal default on obligations.
The court has already restricted DOGE’s access to Treasury payment systems over these fears. The Trump administration is trying to amend this order to allow DOGE greater access to information, however. The additional information about Elez’s actions has strengthened the case against DOGE, the attorneys general said, and added that the new information confirms the court’s initial fears over the “rushed and chaotic nature” of the onboarding process for DOGE employees.
In response to these incidents, the Treasury Department has been emphasizing the need for tighter adherence to data protection protocols. The breach underlines the challenge for government agencies of balancing efficiency initiatives with robust data security practices, especially where sensitive personal information is involved. As the suit moves forward, it remains to be seen how the court will react to these concerns and the degree to which DOGE will be granted broader access to Treasury systems.
