59 Comments

Thank you for getting this out there! I swear there are 10 of you getting news to us immediately. I don't know how you do it.

And holy crap. This is huge. As someone who is studying cybersecurity, this is a giant red flag. If the OPM servers were moved to the cloud and compromised, it wouldn't just be by Musk's team. It could very well be many foreign actors.

This is going to get ugly.

First, thank you Allison for your efforts and hard work with this because we know it has far more significance than just a little email phishing. I have no doubts federal employee privacy is extremely compromised now & this little backdoor ID numbering is just a part of The Felon Administration's Identify & Purge Program.

I wouldn't be surprised at all that with The Felon's propaganda team (probably run by Stephen Miller) in the White House, there is no privacy.

For anyone.

Anywhere.

Anymore....

UNLESS you're an inner circle maga, RepubliFascist, multimillionaire or a billionaire & even then it's limited because they like to spy on each other.

I followed up and sent this to Rep. Khanna for the Cybersecurity, IT, and Gov innovation subcommittee of the House Oversight Committee for IP overreach. Hopefully they will look into it.

Musk has his fingers in every piece of personal data for every single American, government employee or not. Nobody is safe, and he can change, remove, or add data, both real and imagined, as needed on individuals. Does anyone still doubt that Musk and Co. changed the election results? The only answer is to take him and his team of merry men out of service, gut the computers, and start over. Everything is corrupted.

I have no doubt at all since drumpf hinted at election interference for months. What I’m puzzled about is WHY VP Harris didn’t demand inquiries into the tossed voter registrations or the votes lost from the bomb threat sites on Election Day.

Agreed. So frustrating.

Steven Spoonamore sent her a “Duty to Warn” letter about the election being stolen. He said he could prove how they did it. GregPalaste.com also has information on this.

I have to agree with you. Musk wants to rule us. Frump is too lazy and dumb to know he has been bought and paid for and in time will be in Musk's trash can.

Yes it is. I know… they have access to every employee's most intimate details submitted in their background checks. This is scary.

Allison, how can we get this immediately public for the majority of the people to see?

Personally, I think we need to try to get this story to Rep. Ro Khanna, a strong Dem who’s on the Cybersecurity, IT, and Gov innovation subcommittee of the House Oversight Committee.

Incredible reporting Allison. Can this be brought to the attention of the employees if they are compromised? Unbelievable!

This is HUGE.

Hit the OPM with a FOIA as to who authorized this expatriation of US Government systems and data, who the current cloud service provider is, and all persons having access to the data and their affiliation with the OPM and NGOs.

A replica of that mail storage would be prime data for distribution of trackers and active surveillance. It doesn't take all that long to move that data to cloud servers with the federal government's dedicated network pipes.

Yes! And with The Felon Administration most anything at all can be procured, by whomever -- as long as they're willing to cough up the right dollar amount.

I can think of many reasons why Elon and the PayPal Mafia would want to tap those fiber backbones to the Reston DCs and the entire SIPRNet infrastructure.

Exactly 😉

12 likes

ONE BIG YIKES!!!

Where is anonymous the group to hack these hackers?

Thanks Allison and Jay! I am definitely not technologically inclined, so what I got out of it was Holy shit! That sounds like a whole lot of conspiracy fucktastrophy from a hostile foreign country to obtain information about our government and its employees. Am I right?

If that's what it is, that's terrifying.

Nice job, Allison. Kudos to you.

“If you think technology can solve your security problems, then you don’t understand the problems, and you don’t understand the technology.” - Bruce Schneier

Looking at WHOIS, a complete DNS records dump of opm.gov, and a TRACEROUTE, it appears everything got rehosted within Akamai Technologies' domain. The tracerouted IPs were all in the US. Akamai has a healthy Federal line of business. As a whole they’ve got people experienced enough not to screw up a rehosting… unless someone dropped this on them as a rush job. The last WHOIS record change was 1/30/25, 10 minutes after midnight EST.

Akamai will be around long after Trump is gone, and if they want a get-out-of-jail-free card when subpoenaed by a Democratic-controlled House committee after the midterms, they’ll make sure they snapshot the VMs.

mail.opm.gov is also within Akamai’s domain.

It sure seems HUGE to me

Which cloud they moved to is important context here. If it's a cloud container that is FEDRAMP ATO'd and under the governance of an authorizing official there's not a lot to see here. Or, is it a private cloud container under no governance? If it's the latter this should be treated as a PII breach as it runs counter to FISMA 2002 (Title III of the E-Government Act of 2002, Public Law 107-347); FISMA 2014 (Federal Information Security Modernization Act of 2014, Public Law 113-283); and OMB A-130r (Establishes PII protection policies for federal agencies).

Is there any way to find that out?

We can draw inferences from message headers and logs but without actual governance and oversight it's only inference - not fact.
