March 16, 2025 Court documents reveal that Marko Elez, a staff member of the Department of Government Efficiency (DOGE), breached Treasury Department protocols by emailing unencrypted personal information to officials at the General Services Administration (GSA). The spreadsheet contained names, transaction types, and monetary amounts but excluded sensitive identifiers like Social Security numbers. Despite the absence of highly sensitive data, Elez’s actions contravened established security policies requiring encryption and proper authorization for transmitting such information.

Prior to his role at DOGE, Elez was employed by companies associated with Elon Musk, including X and SpaceX. He resigned from DOGE in early February following the emergence of racist social media posts linked to him but was subsequently rehired by the Social Security Administration. Notably, Elez was mistakenly granted read and write access to Treasury systems, a privilege that should have been restricted.

This incident has intensified a lawsuit filed by 19 state attorneys general against the Treasury Department concerning DOGE’s access to sensitive information. The plaintiffs argue that the onboarding process for DOGE personnel was rushed and chaotic, potentially compromising the integrity of federal payment systems. The Treasury Department maintains that the document transmitted by Elez posed a low risk due to the lack of sensitive identifiers and asserts that Elez did not alter any payment systems.

The broader context includes apprehensions about DOGE’s access to federal payment systems and personal data. The lawsuit alleges that unauthorized access could lead to misuse of information and undermines established protocols designed to protect citizen data. Lawmakers have called for investigations into how DOGE personnel were granted access and the potential risks involved.

The unauthorized transmission of personal data by a DOGE staffer underscores the critical need for stringent adherence to data protection policies within federal agencies. As the lawsuit progresses, it highlights the importance of robust oversight and secure handling of personal information to maintain public trust in governmental operations.