Contemporaneous reporting was that DOGE people demanded root-level access across multiple systems (disallowed by federal policy, so political appointees had to demand the access) and without background checks or onboarding, after which they extracted protected data and shoved it in some S3 buckets. Just blew a hole right through the entire federal data protection model; you can't plan for "the President orders everyone to ignore all privacy and security controls" as a threat model.

True, but you can at least correctly label it and no longer refer to it as a "secure environment".

It was absolutely a secure environment prior to DOGE laying waste to all the layers of security in place. Presumably those safeguards are now back in place post-DOGE razing.

Not unless they rebuild all of the infrastructure from scratch. Far too believable that something nefarious was left behind.

After you know someone already had root access to everything?

There's absolutely no way to guarantee that ever again.

Was it though? Haha

You sound like the guys I know who work at banks, talking about all this policy, how secure they are.

Indeed. The story should be that DOGE compromised these environments (at the direction of President), which allowed data to be exfiltrated by randos.

That would be an admission of culpability, sadly.

Maybe it wasn't trivial?