Federal employees are attempting to block Elon Musk's DOGE associates from operating what they say is an illegal server at the Office of Personnel Management. Janes Does 1 and 2 allege the server, connected to a government network to harvest information on federal employees, violates federal law and could expose staffers' personal information, including names and emails, to hostile foreign adversaries. Under federal law, such a server would first need to undergo a mandatory privacy impact assessment by the office, which acts as the government's human resources department. A class-action lawsuit filed Jan. 27 in DC District Court claims no such assessment was done, per Wired.
As the outlet reports, OPM did not previously have the technical capability to email all federal workers from a single email account. "[A]t some point after 20 January 2025, OPM allowed unknown individuals to simply bypass its existing systems and security protocols for the stated purpose of being able to communicate directly with those individuals without involving other agencies," reads a motion filed Tuesday, seeking a temporary restraining order to block the server. The fear is that federal workers could be subject to phishing attacks through contact with the unencrypted account HR@opm.gov, which has been used to send emails to federal employees as part of the Trump administration's "deferred resignation program."
In a letter requesting details on who installed the equipment, Democrats on the House Oversight Committee argue that "acquiring such a capability securely and in compliance with federal cybersecurity, privacy, and procurement laws would likely not have been possible in such a short timeframe," per the Hill. "At best, the Trump Administration's actions at OPM to date demonstrate gross negligence, severe incompetence, and a chaotic disregard for the security of our government data," says the committee's top Democrat, Rep. Gerry Connolly. "At worst, we fear that Trump Administration officials know full well that their actions threaten to break our government and put our citizens at risk of foreign adversaries like China and Russia gaining access to our sensitive data."
story continues below
After OPM was hacked in 2015, House Republicans authored a report blaming the breach on a "breakdown in communications" between OPM's chief information officer and its inspector general, adding "the future effectiveness of the agency's information technology and security efforts will depend on a strong relationship between these two entities moving forward," per Wired. But Trump fired OPM inspector general Krista Boyd on Jan. 24, "so all bets are off," says Kel McClanahan, the national security law litigator who filed the suit. "We can't wait for the normal course of litigation when all that information is just sitting there in some system nobody knows about with who knows what protections." (More Department of Government Efficiency stories.)
,
uBlock 
,
and
Ghostery 
)
