DOGE engineer's credentials found in past public leaks from info-stealer malware

Access, Clearances, and Accountability

  • Several commenters ask whether the US has an authority that can deny privileged access for poor operational security (e.g., revoking clearances).
  • Others note DOGE staff appear not to hold traditional security clearances, so there’s nothing to revoke; authority over document security ultimately rests with the President and is delegated to agencies.
  • Multiple people argue agencies and oversight bodies are aware but are choosing not to act, often framed as a political decision by the current Congress and administration rather than a capability gap.

Is the Article Clickbait or Legitimate?

  • Some see the Ars piece as “clickbait”: the title implies an actively infected DOGE work computer, while the body clarifies that credentials appeared in leaks over time, some a decade old.
  • Others respond that the headline is technically accurate and that the original investigative source (linked through Ars) makes a credible case that malware “stealer logs,” not just ordinary breaches, are involved.
  • Critics argue that including routine Have I Been Pwned (HIBP) hits alongside stealer logs muddies the story and weakens the evidence.

Stealer Logs vs Standard Breaches

  • Several comments stress the distinction: normal database breaches can expose emails/passwords without any infection on the user’s device, whereas stealer malware logs imply credentials captured directly from an infected machine.
  • Others push back that even stealer logs can contain addresses typed by third parties or be polluted by credential stuffing, so presence alone isn’t definitive proof of compromise.
  • There’s disagreement over how many such logs (one vs several) are needed before it’s reasonable to infer poor OPSEC.
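The distinction the commenters draw (a database breach says nothing about the user's device, a stealer log does, but a single log can be polluted) can be made concrete as a small triage routine. This is an added example, not code from the article or its source; the record format, the `min_logs` threshold and all identities and corpus names are constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Exposure:
    identity: str          # e-mail address that appeared in the data
    source: str            # breach name or stealer-log corpus name
    is_stealer_log: bool   # True if the record came from infected-machine logs
    login_url: str = ""    # stealer logs record the site the credential was typed into

def parse_stealer_line(source: str, line: str) -> Exposure:
    """Parse the common 'url:username:password' stealer-log line. The URL itself
    contains ':', so split from the right; a password containing ':' would be
    mis-split, which is why real tooling needs per-malware-family parsers."""
    url, user, _password = line.strip().rsplit(":", 2)
    return Exposure(user.lower(), source, True, url)

# Constructed sample records (hypothetical identities, not real leaked data).
SAMPLE = [
    Exposure("alice@example.gov", "Forum breach 2014", False),
    parse_stealer_line("StealerLog-A", "https://mail.example.gov/login:alice@example.gov:Winter2023"),
    parse_stealer_line("StealerLog-B", "https://vpn.example.gov/:Alice@example.gov:Winter2023"),
    Exposure("bob@example.gov", "Forum breach 2014", False),
    Exposure("bob@example.gov", "Shop breach 2019", False),
    parse_stealer_line("StealerLog-A", "https://shop.example.com/:carol@example.gov:hunter2"),
]

def assess(exposures, min_logs: int = 2) -> dict:
    """Return {identity: (verdict, distinct_stealer_sources)}.
    A database breach exposes the service, not the user's device, so it never
    implies infection. A stealer-log hit does, but one log can be polluted by
    credential stuffing or a third party typing the address, so the strong
    verdict requires min_logs distinct stealer corpora."""
    stealer_sources = defaultdict(set)
    identities = set()
    for e in exposures:
        identities.add(e.identity)
        if e.is_stealer_log:
            stealer_sources[e.identity].add(e.source)
    result = {}
    for ident in sorted(identities):
        n = len(stealer_sources[ident])
        if n == 0:
            verdict = "breach_only"
        elif n < min_logs:
            verdict = "single_stealer_log"
        else:
            verdict = "likely_infected_device"
        result[ident] = (verdict, n)
    return result
```

Lowering `min_logs` to 1 reproduces the stricter reading some commenters take, where any stealer-log hit is treated as evidence of a compromised machine.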

Government OpSec and DOGE’s Practices

  • Commenters contrast traditional classified environments (air‑gapped networks, locked‑down workstations, no personal devices) with DOGE’s reported behavior (personal laptops, elevated access, nonstandard systems).
  • Several argue that, given DOGE’s access to sensitive financial and infrastructure data, even the appearance of repeated compromises is unacceptable and should trigger serious consequences.
  • Others think the article is overreaching and that focusing on speculative malware implications distracts from clearer, documented DOGE failures (defaced sites, misread numbers).

Intent vs Incompetence and Political Overtones

  • A recurring thread debates Hanlon’s razor: are these failures just incompetence, or deliberate sabotage / alignment with foreign interests?
  • Some insist the pattern of security lapses and policy choices has passed the point where “stupidity” is a plausible sole explanation; others warn against conspiracy thinking without hard proof.
  • The discussion frequently veers into partisan blame, Trump vs Biden, Russia/Ukraine, and DOGE’s claimed “savings,” showing strong polarization around the broader context rather than the narrow technical issue.