Reporter National Labor and Industrial Relations Commission (NLRB) claimed last week that Elon Musk residents Ministry of Government Efficiency (Doge) In early March, Didi Gigabytes of data from the agency’s sensitive case files. Reporting machine says that the account created for Doge on NLRB downloaded three code repositories github. Further investigation into one of these code bundles shows that it is very similar to the plans released in January 2025 Marko ElezHe is a 25-year-old threshold employee who has worked in many Musk companies.
A screenshot shared by NLRB whistleblower Daniel Berulis shows three downloads from Github.
According to complaints from whistleblower filed last week Daniel J. BerulisDoge’s 38-year-old security architect met with NLRB leaders on March 3 and asked to create several all-around “tenant administrator” accounts that should be exempt from network logging activities that would otherwise keep detailed records of all actions taken by those accounts.
Bellus said the new Doge account has unlimited permission to read, copy and change the information contained in the NLRB database. New accounts can also limit log visibility, delay retention, route logs, and even delete them altogether – top user privileges that neither Bellus nor his bosses do.
Bellus said he found out that one of the Doge accounts downloaded three external code libraries from it github Neither NLRB nor its contractors have used it. A “readme” file in a code bundle explains that it was created to rotate connections through the large number of cloud internet addresses provided.As a proxy for generating pseudo-intrusion IP, used for network scratching and brute force. “Brute force attacks involve automatic login attempts to try many credential combinations in a fast sequence.
Searching for this description in Google, on Github, provides users with a code repository of account names “GE0RG3“Who released a program called “Replects-IP-Rotator” four years ago, described as a library that will allow users to “bypass IP-based rate limits for IP-based sites and services.”
The readme file for Requests-ip-rotator of the GITHUB user GE0RG3 page includes the exact wording of the program mentioned by the whistleblower, one of the Doge users downloaded it. Marko Elez created a branch of the program in January 2025.
The description reads: “A Python library for leveraging large IP pools of AWS API Gateway as a proxy to generate pseudo-IP pools for network scratching and brute force.”
The code for GE0RG3 is “open source” because anyone can copy it and not reuse it together. It happens that the newer version of the project is derived or “forked” from the code of GE0RG3, called “Async-Ip-Rotator” and was dedicated to Github in January 2025 by Doge Captain Marko Elez.
One of the GitHub files downloaded by Doge employees who transferred sensitive files from the NLRB case database is an archive whose reading files show: Elez’s code was allocated from a code base that shared the same description in January 2025.
Elez has worked for many Musk companies, a key staff member who has obtained the U.S. Treasury Central Payment System, including x,,,,, SpaceXand xai. Elez Wall Street Journal Connect him to social media posts advocating for racism and eugenics.
Elez resigned after a brief scandal but was rehired after President Donald Trump and Vice President JD Vance expressed support. politics Report Elez is now Ministry of Labor A detailed introduction to assistants from multiple institutions Department of Health and Human Services.
“During Elez’s initial tenure with the Ministry of Finance, he violated the agency’s information security policy by sending spreadsheets containing name and payment information to officials of the General Services Administration.”
Krebsonsecurity sought comments from NLRB and Doge, and if either of them responded, the story would be updated.
NLRB has effectively been in trouble since then President Trump Three board members were fired so that the agency had no quorum to run. Both Amazon With Musk SpaceX The NLRB has been suing the agency for complaints filed against the workers’ rights and disputes between trade union organizations, believing that the existence of the NLRB is unconstitutional. On March 5, the U.S. Court of Appeal unanimously rejected Musk’s claim that the structure of the NLRB was somehow contrary to the Constitution.
Berulis’ complaint alleges that NLRB’s Doge account downloaded 10 GB of data from the agency’s case files, a database of sensitive records about employees who want to form unions and proprietary business files. Bellus said his senior rise in the agency told him not to report to core events in the U.S. because they agreed before he made it public.
Berulis told Krebsonsecurity that he was concerned that Doge’s unauthorized data transfer could unfairly exploit the defendants in many ongoing labor disputes arising from the agency.
“If there is any company that has obtained case data would be an unfair advantage,” Bellulis said. “They can identify and fire employees and union organizers without saying the reasons.”
Marko Elez, in a photo of her social media profile.
Berulis says the other two GitHub files are Doge employees who downloaded to the NLRB system Integuruaims to reverse the software framework (API) used by websites to obtain data; and a “headless” browser called No browsingThis is used to automate web-based tasks that require browser pools such as web scraping and automatic testing.
On February 6, someone posted a long and detailed criticism of the Elez code on Async-Rotator’s GitHub “Problem” page, calling it “unsafe, inseparable and fundamental engineering failure.”
“If this is a side project, it would be bad code,” the reviewer wrote. “But if this represents how you build a production system, there is a bigger problem. This implementation fundamentally breaks, and if something similar is deployed in an environment that handles sensitive data, it should be reviewed immediately.”
Further reading: Berulis’s Complaint (PDF).
