US DOGE.gov Website Found Wide Open

Uploaded on 2025-02-17 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Elon Musk’s Department of Government Efficiency (DOGE) website has allowed hackers from hostile countries to get into the DOGE website and put up fake and unedited information.

Indeed, as DOGE recently started publishing information about its activities it was apparent that DOGE was not the only entity publishing on the site.

Two web developers, working independently, found that it is possible to push updates to the DOGE.gov domain, which supposed be an official US government website. Their messages stayed on the website for at least 12 hours and remained visible for some time.

The DOGE website was launched in January 2025 and has had a single landing page containing very little information. The website only started being populated recently with some figures apparently showing the size of the US government, and this problem comes just after Musk promised his organisation would be “maximally transparent.” 

That transparency appears have gone a step too far, as the site appears to include classified material that should not be published.

In an attempt to  provide greater clarity, right now it looks like the DOGE.gov website is, in fact not secure, pulling information from from an exposed  database that can apparently be edited by anyone.

 The Verge   |   404Media   |   Reddit   |   Wired   |   Y Combinator   |   Ars Technica   

Image:  @DOGE

You Might Also Read: 

Trump 2.0: Cyberwarfare To Reach New Heights:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Britain Fast-Tracks Military Recruitment For Cyber Defence
Navigating The Latest Paths In Cybersecurity Certification »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CrowdStrike

CrowdStrike

CrowdStrike is a global provider of security technology and services focused on identifying advanced threats and targeted attacks.

CloudPassage

CloudPassage

CloudPassage, a cloud security and compliance pioneer, safeguards cloud infrastructure for the world’s best-recognized brands.

KE-CIRT/CC

KE-CIRT/CC

KE-CIRT/CC is the national Computer Incident Response Team for Kenya.

Oxford BioChronometrics

Oxford BioChronometrics

By building profiles based on electronically Defined Natural Attributes, or e-DNA, Oxford BioChronometrics protects digital networks, communities, individuals and other online assets from fraud.

Air Informatics

Air Informatics

Air Informatics LLC provides security, information management, analytics and informatics for IT and wirelessly enabled airplanes and operations.

Information Technology Industry Development Agency (ITIDA)

Information Technology Industry Development Agency (ITIDA)

ITIDA has two broad goals: building the capacities of Egypt’s local information and communications technology (ICT) industry and attracting foreign direct investments to boost the ICT sector.

R2S Technologies

R2S Technologies

R2S can help you implement a cyber security framework to ensure your business is more resilient towards the growing threat of cyber crime. We provide Web and Mobile Application Security Assessment..

Security Alliance

Security Alliance

Security Alliance provide bespoke cyber intelligence consulting and research services.

Cyber Intelligence 4U

Cyber Intelligence 4U

Cyber Intelligence 4U is an educational services company that provides two levels of cybersecurity training programs: executive and technical.

apiiro

apiiro

apiiro invented the industry-first Code Risk Platform™ that uses developers and code behavior analysis to accelerate delivery and automatically remediate product risk.

Torq

Torq

Torq's no-code automation modernizes how security & operations teams work with easy workflow building, limitless integrations and numerous pre-built templates.

PacketViper

PacketViper

PacketViper’s Deception360 actively defends networks with deception-based threat detection and automated response to both external and internal cyber threats.

SIEM Xpert

SIEM Xpert

SIEM Xpert is a leader in Cyber Security Trainings and services since 2015.

Ventum Consulting

Ventum Consulting

Ventum Consulting stands for digitalization, networking and agilization. We take this up on the strategic, professional and technical side and support our customers in the digital transformation.

PlanNet 21 Communications

PlanNet 21 Communications

PlanNet 21 Communications is Ireland most specialised technology solution provider.

Upwind Security

Upwind Security

Upwind delivers comprehensive cloud security, precisely when and where it’s most critical.