Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

highplainsdem

(57,575 posts)
Tue Jul 15, 2025, 10:30 AM Jul 15

DOGE staffer with access to Americans' personal data leaked private xAI API key

Source: TechCrunch

A DOGE staffer with access to the private information on millions of Americans held by the U.S. government reportedly exposed a private API key used for interacting with Elon Musk’s xAI chatbot.

Independent security journalist Brian Krebs reports that Marko Elez, a special government employee who in recent months has worked on sensitive systems at the U.S. Treasury, the Social Security Administration, and Homeland Security, recently published code to his GitHub containing the private key. The key allowed access to dozens of models developed by xAI, including Grok.

Philippe Caturegli, founder of consultancy firm Seralys, alerted Elez to the leak earlier this week. Elez removed the key from his GitHub but the key itself was not revoked, allowing continued access to the AI models.

-snip-

Read more: https://techcrunch.com/2025/07/15/doge-staffer-with-access-to-americans-personal-data-leaked-private-xai-api-key/



More, from KrebsOnSecurity.com:

https://krebsonsecurity.com/2025/07/doge-denizen-marko-elez-leaked-api-key-for-xai/

Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over the weekend inadvertently published a private key that allowed anyone to interact directly with more than four dozen large language models (LLMs) developed by Musk’s artificial intelligence company xAI.

On July 13, Mr. Elez committed a code script to GitHub called “agent.py” that included a private application programming interface (API) key for xAI. The inclusion of the private key was first flagged by GitGuardian, a company that specializes in detecting and remediating exposed secrets in public and proprietary environments. GitGuardian’s systems constantly scan GitHub and other code repositories for exposed API keys, and fire off automated alerts to affected users.

Philippe Caturegli, “chief hacking officer” at the security consultancy Seralys, said the exposed API key allowed access to at least 52 different LLMs used by xAI. The most recent LLM in the list was called “grok-4-0709” and was created on July 9, 2025.

-snip-

“If a developer can’t keep an API key private, it raises questions about how they’re handling far more sensitive government information behind closed doors,” Caturegli told KrebsOnSecurity.

-snip-


The article continues with reminders that at the Treasury Department, Elez violated agency policies by sending unencrypted personal information. He wasn't fired for that, but resigned after news stories about racist and pro-eugenics social media posts. Then Peter Thiel lackey JD Vance convinced Trump he should be rehired, and he's since worked at a number of departments:

Social Security Administration
Department of Labor
Customs and Border Protection
ICE
Department of Justice
11 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
DOGE staffer with access to Americans' personal data leaked private xAI API key (Original Post) highplainsdem Jul 15 OP
Marko Elez should face criminal charges UpInArms Jul 15 #1
And Musk should be sued for every penny he has, in a class action suit, for bringing such untrustworthy highplainsdem Jul 15 #3
It's time to notify everyone in the country to change their passwords AGAIN FakeNoose Jul 15 #2
We knew all along, Bayard Jul 15 #4
We can all expect a lot more spam and attempts at identity theft. Lonestarblue Jul 15 #6
Deflection? Nasruddin Jul 15 #5
Gosh. Who could have foreseen this would be a problem progressoid Jul 15 #7
And Grok is now licensed to the Pentagon so all our military secrets will be able to be hacked. So MAGA! LymphocyteLover Jul 15 #8
K and R riversedge Jul 15 #9
Swordfish angrychair Jul 15 #10
Yikes - I need to bookmark this. yellow dahlia Jul 15 #11

UpInArms

(53,188 posts)
1. Marko Elez should face criminal charges
Tue Jul 15, 2025, 10:36 AM
Jul 15

and spend the rest of his life on 10 thread count sheets

highplainsdem

(57,575 posts)
3. And Musk should be sued for every penny he has, in a class action suit, for bringing such untrustworthy
Tue Jul 15, 2025, 10:42 AM
Jul 15

people into government agencies.

FakeNoose

(38,026 posts)
2. It's time to notify everyone in the country to change their passwords AGAIN
Tue Jul 15, 2025, 10:39 AM
Jul 15

At this point it might be easier to just move to a different country.

Bayard

(26,166 posts)
4. We knew all along,
Tue Jul 15, 2025, 10:58 AM
Jul 15

Something bad was going to come of those little cretins pouring through our personal data. I wonder how many hackers have it now.

Lonestarblue

(12,837 posts)
6. We can all expect a lot more spam and attempts at identity theft.
Tue Jul 15, 2025, 01:04 PM
Jul 15

I opened an online savings account and now keep just enough money to pay current bills in the bank account Social Security has. I’m sure Elon’s coding delinquents misappropriated all our information.

LymphocyteLover

(8,410 posts)
8. And Grok is now licensed to the Pentagon so all our military secrets will be able to be hacked. So MAGA!
Tue Jul 15, 2025, 01:21 PM
Jul 15

angrychair

(10,920 posts)
10. Swordfish
Tue Jul 15, 2025, 02:29 PM
Jul 15

Everything about the current situation with DOGE and eLoon and all his little minions like Mr. Elez, just seems to be bad, awkward. Poor casting.
This is where the movie "Swordfish" is relevant. It was a 2001 tech-inspired action thriller that had great potential but failed to deliver on every possible metric.
It featured Hugh Jakeman as Stanley Jobson as a elite hacker, enlisted to help steal $10 billion dollars from the government for John Travolta's character Gabriel Shear.
Casting for this movie is amazing, with Jackman, Travolta, Berry, Cheadle, Shepard and De Matteo.
While these actors are true masters of their craft, you can't shake the feeling throughout the whole thing that something is off.
Hugh Jakeman is a legendary actor but his role as a hacker in this movie is absolutely terrible. Nothing he does in the movie even resembles what hacking actually looks like and this is easily one of his most awkwardly executed roles of his career.

I summarized the movie because I see a lot of it in what is happening right now. A narcissistic, ego driven over the top cookie cutter villain. An easily manipulated hacker that sees himself as a hero but is really about as out of place as a pet gold fish at the Westminster Dog Show and just as awkward.

My evidence straight from the OP article:

Elez removed the key from his GitHub but the key itself was not revoked, allowing continued access to the AI models.

While he may be very good at what he was doing before this, being a racist Nazi I suppose, he is very bad at hacking and managing computer systems. Its just not the right role but this is the role his over the top narcissistic boss, in this case, eLoon, needs him to do because when it's all over he needs people like Mr. Elez to be left holding the bag and taking the blame just like Travolta's character intended for Jackman's character.

The movie had bad casting and poor writing but a mediocre movie doesn't hurt anything but your patience.
But people like eLoon and Elez and DOGE and Mango Mussolini, are causing real harm and harm that go on and on long after this movie is over.

Latest Discussions»Latest Breaking News»DOGE staffer with access ...