US DOGE.gov Website Found Wide Open

Uploaded on 2025-02-17 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Elon Musk’s Department of Government Efficiency (DOGE) website has allowed hackers from hostile countries to get into the DOGE website and put up fake and unedited information.

Indeed, as DOGE recently started publishing information about its activities it was apparent that DOGE was not the only entity publishing on the site.

Two web developers, working independently, found that it is possible to push updates to the DOGE.gov domain, which supposed be an official US government website. Their messages stayed on the website for at least 12 hours and remained visible for some time.

The DOGE website was launched in January 2025 and has had a single landing page containing very little information. The website only started being populated recently with some figures apparently showing the size of the US government, and this problem comes just after Musk promised his organisation would be “maximally transparent.” 

That transparency appears have gone a step too far, as the site appears to include classified material that should not be published.

In an attempt to  provide greater clarity, right now it looks like the DOGE.gov website is, in fact not secure, pulling information from from an exposed  database that can apparently be edited by anyone.

 The Verge   |   404Media   |   Reddit   |   Wired   |   Y Combinator   |   Ars Technica   

Image:  @DOGE

You Might Also Read: 

Trump 2.0: Cyberwarfare To Reach New Heights:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Britain Fast-Tracks Military Recruitment For Cyber Defence
Navigating The Latest Paths In Cybersecurity Certification »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Stott & May

Stott & May

Stott & May is a specialist cyber security recruitment agency.

Centre for Development of Advanced Computing (C-DAC)

Centre for Development of Advanced Computing (C-DAC)

C-DAC is the premier R&D organization of the indian Ministry of Electronics & Information Technology. Areas of research include cyber security.

ESG Elektroniksystem- und Logistik-GmbH

ESG Elektroniksystem- und Logistik-GmbH

ESG offer a comprehensive portfolio of cyber and IT services ranging from consulting, solutions and operations to testing, simulation and training.

GuardKnox

GuardKnox

GuardKnox protects the users of connected vehicles against threats that can endanger their physical safety and the safety of their personal information.

Procilon Group

Procilon Group

Procilon Group specialize in the development of cryptographic software as well as strategic advice on information security and data protection.

IoTsploit

IoTsploit

IoTsploit provides 20/20 visibility of network connections, protecting critical infrastructure assets from IoT vulnerabilities.

Zuratrust

Zuratrust

Zuratrust provide protection for all kinds of email related cyber attacks.

Cyberspace Solarium Commission (CSC)

Cyberspace Solarium Commission (CSC)

The Cyberspace Solarium Commission was established to develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences.

Swiss Cyber Institute (SCI)

Swiss Cyber Institute (SCI)

The Swiss Cyber Institute is a registered cyber security education provider by the State Secretariat for Education, Research, and Innovation SERI.

GetHacked.ca

GetHacked.ca

GetHackded.ca is a certified company offering penetration testing and specialized cybersecurity services.

Ostrich Cyber-Risk

Ostrich Cyber-Risk

Ostrich Cyber-Risk is a risk management company that helps organizations reduce the complexity of identifying financial and operational risks related to your cybersecurity posture.

Sonet.io

Sonet.io

Sonet.io is built for IT leaders that want a great experience for their remote workers, while enhancing security and observability.

USX Cyber

USX Cyber

USX Cyber was founded on the idea that small and medium businesses deserve and require the same level and sophistication of cyber protection as large enterprises.

Skylark

Skylark

Skylark is a leading global IT services provider, transforming client’s businesses through innovative and advanced technology solutions.

Roundsec

Roundsec

Roundsec provide information security services including risk assessment and pentesting of sites and apps.

GetReal Security

GetReal Security

GetReal Security is the world’s leading authority on malicious digital content and deepfake protection.