The DOGE website, associated with Elon Musk’s initiatives, has been compromised due to a significant security vulnerability. This site, which aims to document the actions of Musk’s team against the U.S. federal government, is reportedly pulling data from an insecure database, allowing unauthorized edits.
Experts identified that the website, doge.gov, is accessible for anyone to modify, raising concerns about the integrity of the information displayed. Two web developers alerted 404Media after discovering that the database could be manipulated by third parties, leading to the insertion of unauthorized content.
At least two entries mocking the website have been added, illustrating the ease with which users can alter its content. The modifications remain visible even after the report’s publication.
Despite claiming to be an official U.S. government site, the DOGE website does not appear to be hosted on government servers, indicating a lack of proper oversight in its development. The recent launch of the site has been criticized for its simplistic design and minimal content.
This incident highlights ongoing issues with website security within government-related projects. Just days prior, another site, waste.gov, was taken offline after it was found to be running on an unedited WordPress template.
Initially launched in January, the DOGE website has since begun integrating posts from its associated X account, along with information about U.S. government regulations and workforce statistics. However, the security breach raises serious questions about the management of sensitive information.
For further details, visit the original article at The Verge.