The NPR story mentioned in the tweet at the bottom of this thread is discussed here: https://news.ycombinator.com/item?id=43691142
But it doesn't dig as deep as this thread.
Isn't an out-of-country rule relatively trivial to get around using a domestic proxy?
Watch carefully for the official who demands logins be permitted from outside the country.
Just read of this on BSky.
Has some of the protected disclosure document from the whistleblower.
https://bsky.app/profile/mattjay.com/post/3ln2dgoksce2e
Looks like Elon's staff went in and made a copy of everything - which in this case NLRB, so sensitive stuff, but any state department going to have a ton of sensitive stuff - and sent it who knows where; this after disabling all logging and a ton of security, presumably to try to cover their tracks.
This is bad. These guys are looking like bad actors, with State-level authorization for access to everything.
Also looks like they're kids and don't have the hang of security, and the professional Russian State run APTs have hacked them.