Daniel Berulis

Daniel J. Berulis
IT cybersecurity specialist, National Labor Relations Board

“If fear mutes us, we fail our oath. Fear and apathy are the death of democracy.” – Daniel Berulis on becoming a federal whistleblower.

The role of government includes the implicit promise to keep the personal data it collects on Americans safe. However, when the Department of Government Efficiency (DOGE) was unleashed on every department, it seems that they instead caused a major security breach at the National Labor Relations Board. When this was discovered, the whistleblower who tried to report and repair the breach was not praised, but harassed. 

Daniel Berulis, a cybersecurity specialist at the NLRB, watched in early March as DOGE members entered his department and demanded (and received) the highest levels of access to all its computer systems; importantly, Berulis was told that no one was to log their activities. Soon after, Berulis noticed that someone in Russia, external to the NLRB, had entered the systems covertly with a valid password and downloaded sensitive information related to current cases. Berulis and another employee documented what had happened, and were preparing to report this to a team within the Cybersecurity and Infrastructure Security Agency (CISA) who could investigate the security breach. Instead, they were informed that instructions had come down not to report to CISA or create an official report.

Berulis was so concerned about the possibility of Russians being given access to sensitive information that in April he filed a whistleblower complaint, addressed to Senators Tom Cotton and Mark Warner of the Senate Select Committee on Intelligence. Soon afterward, a threatening note was taped to the door of his home. However, in the meantime more than 50 lawmakers signed a letter to the NLRB asking for answers, and the House Oversight Committee said that they had asked the acting Inspector General in the Department of Labor to conduct an investigation.

It’s notable that several large companies – including Musk’s SpaceX and Bezos’s Amazon – have recently attempted to have lawsuits against them dismissed by arguing that NLRB officials should serve at the will of the president, not independently. Information on those companies’ cases was in the NLRB system, but it’s not yet known whether it was among the data that was allegedly taken. Access to that data is protected by federal laws, including the Privacy Act of 1974. 

Berulis had only been employed at the NLRB for six months when Trump took office in January 2025; before that he spent nearly two decades as an IT consultant working for various corporations.

When asked whether it was an easy decision to come forward and report the security publicly, Berulis responded: “It was never a question whether or not to do the right thing. That was always my agenda. But how I did it or whether I did it, honestly, was absolutely a question – it’s my safety. There’s so much at play that I didn’t realize, too. But I’m standing behind it. I’m putting my name to it. That’s just who I am.” As for what he would like to see happen, he said: “I just want somebody to look at the data, look at what’s happened. Find out. That’s it.”

Berulis is encouraging federal workers to speak up if they notice something suspicious: “I loved my job, my team, my agency, our mission, and the opportunity to serve the people of this great nation. When internal channels stalled, I weighed my clearance, paycheck, and career against the potential national impact of staying silent. The country’s cybersecurity, and the public’s trust, were worth the risk. If fear mutes us, we fail our oath. Fear and apathy are the death of democracy. Each of us entered public service to uphold the Constitution and serve millions who may never know our names. That duty runs deeper than politics or fear. We all know the difference between right and wrong. If something at your agency keeps you up at night, don’t hope the storm passes and keep your head down. Gather the facts, protect yourself, and speak up. Duty is hardest when it matters most, which is exactly why it matters most.”

The issue Berulis makes visible here is crucial data security: who has access to sensitive information on American citizens, and what use can those who have access make of it if there is no one to regulate them?

Berulis is not alone: there currently at least 11 lawsuits claiming that DOGE’s access to data violates the Privacy Act of 1974. The suits were filed against individuals and also against the Departments of Education, Treasury, OMB, Labor, IRS, Social Security Administration, and Agriculture (on food stamps).

Protections for whistleblowers

Stepping forward to report illegal activity can be terrifying, especially in a government culture of retribution. Reporting has also become more difficult now that Trump has fired 17 nonpartisan Inspectors General. Trump also nominated Paul Ingrassia to lead the Office of Special Counsel, one of whose jobs is to protect whistleblowers, but critics point out that Ingrassia is underqualified and far from nonpartisan, while having the power to retaliate against workers rather than encouraging them to speak up. In addition, Trump has published two memoranda demanding investigations into two former employees whose comments angered him: Miles Taylor and Chris Krebs. However, there are ways for whistleblowers to protect themselves: