A researcher reported a high-severity information disclosure and user enumeration vulnerability to the Dutch government's NCSC-NL, resulting in a fix but only receiving a t-shirt as compensation instead of meaningful bounty.
A former DOGE software engineer embedded at the Social Security Administration allegedly exfiltrated a thumb drive containing Numident and Master Death File databases with 500+ million Americans' records (including SSNs, birthdates, race/ethnicity), then attempted to upload the data at a private sector job while claiming he expected a presidential pardon if caught. The incident reflects systemic failures in federal data security protocols resulting from DOGE's placement of inexperienced personnel with unfettered access to highly restricted government systems.