DOGE’s Cybersecurity Failures Under Elon Musk

Elon Musk’s leadership of the Department of Government Efficiency (DOGE) has left behind a troubling cybersecurity legacy. Over his brief four-month tenure, critical lapses—ranging from unsecured systems to mishandled data—have raised serious concerns about national security.

At the heart of the controversy is CVE-2025-20188, an arbitrary file upload vulnerability in Cisco’s Wireless LAN Controllers, but Musk’s DOGE tenure saw broader issues: unapproved servers, admin accounts without logs, and unvetted personnel granted privileged access. Reports of data leaks, foreign login attempts, and the misuse of AI to process sensitive federal information surfaced across agencies like the SSA, Treasury, and NLRB.

A mass email directive asking millions of federal employees for work summaries via unsecured channels sparked outrage, with warnings it created a "honeypot" for adversaries. Additionally, DOGE’s role in purging cybersecurity leadership from agencies like the FBI and CISA triggered political and legal backlash.

Whistleblowers alleged unauthorized access to nuclear networks and the secret construction of a massive federal data hub, raising privacy and national security alarms. Despite judicial interventions limiting access, watchdogs say Musk's aggressive tactics undermined federal cybersecurity protocols at a critical time.

As Musk exits Washington, questions linger about the long-term damage to U.S. digital infrastructure.