A Department of Government Efficiency (DOGE) staffer violated U.S. Treasury security protocols by transmitting unencrypted sensitive personal data via email, according to sworn testimony from a senior cybersecurity official filed in federal court this past Friday.
Security Lapse Exposed in Federal Lawsuit
The breach involved Marko Elez, who was embedded at the U.S. Treasury. Evidence presented in a court filing reveals that Elez emailed a spreadsheet containing personally identifiable information (PII) to two Trump administration officials. The incident occurred shortly before his resignation in early February, which followed public scrutiny regarding his alleged involvement in racist social media posts.
The details were disclosed by David Ambrose, the chief security and privacy officer at the Treasury’s Bureau of Fiscal Services. This specific bureau is responsible for disbursing trillions of dollars in federal funds annually. The revelation surfaced as part of a lawsuit filed by a coalition of U.S. attorneys general, who are seeking to block DOGE personnel from accessing the massive, highly sensitive financial databases managed by the Treasury.
Forensic Investigation Confirms Policy Violation
Following Elez’s resignation, the Treasury performed a forensic analysis of his government-issued laptop. The audit of his official email account confirmed that the data transmission bypassed mandatory encryption requirements and lacked the necessary administrative approvals.
While the court documents do not itemize every piece of data leaked, they confirm the exposure included names of individuals or entities, transaction types, and specific financial amounts. Ambrose explicitly stated that Elez’s actions were “contrary to department policies.”
Ongoing Concerns Regarding DOGE Oversight
The fallout from this security failure has intensified legal pressure on the administration. The coalition of attorneys general stated that the findings highlight the “rushed and chaotic nature” of the onboarding process for the DOGE team, asserting that these security lapses validate their concerns regarding data privacy.
Despite the incident, personnel records indicate that Elez was rehired on February 18 and is currently employed at the Social Security Administration. This development coincides with separate federal litigation currently considering a permanent block on DOGE access to sensitive systems at the Social Security Administration.
The original reporting on the court filing was first provided by Bloomberg. The coalition’s formal response to the Treasury’s declaration continues to press for stricter oversight of the department’s data handling practices.