Elon Musk and a team of civilians have obtained direct access to the Treasury Department's systems and data, according to a complaint filed by government employees.
Representatives of the Department of Government Efficiency, which Musk leads as a "special government employee," tried for weeks to access the Treasury payments systems and were rebuffed by David Lebryk, the highest-ranking career official. When Scott Bessent became treasury secretary in late January, he gave DOGE staff full access to the federal payment system, t
The security implications for the government, for American citizens and for banks are vast.
"This is code red. There is no other way to describe it," said Theodora Lau, founder of Unconventional Ventures, a consulting firm that works with banks and fintechs.
The payment system in question is run by a Treasury unit called the Bureau of the Fiscal Service, which manages a huge portion of payments that go through the federal government, including Social Security benefits, tax refunds and payments to federal workers and contractors.
"It totals more than $5 trillion," said Stessa Cohen, an independent banking industry analyst and author of the
"It's not a trivial point that this will affect banking and payments, service providers, rails and everybody else," Cohen said.
Senate Democrats held a press conference Monday denouncing Musk's actions.
"Before our very eyes, an unelected shadow government is conducting a hostile takeover of the federal government," said Chuck Schumer, D-N.Y.
Maryland Sen. Jamie Raskin said, "Elon Musk, you may have illegally seized power over the financial payment systems of the United States Department of Treasury, but you don't control the money of the American people. The United States Congress does that — under Article I of the Constitution. And just like the president, who was elected to something, cannot impound the money of the people, we don't have a fourth branch of government called Elon Musk. And that's going to become real clear."
Musk did not respond to a request for comment.
On the day Trump took office, he signed
Some question whether the DOGE workers are employed by the federal government. If not, giving non-government employees access to the Treasury's payment system is a data breach in and of itself. And the possibilities for what could go wrong are almost endless.
"When all of a sudden the system used to make payments and disperse funds is taken over by outside, non-vetted, certainly not security-cleared people, it could degrade that trust dramatically with repercussions that may not even require some of the horrible things that could happen," said Richard Stiennon, a research analyst at IT-Harvest, a technology analyst firm, in a
One grave risk is presented by the fact that hackers know the identities of several people who have access to the Treasury system and can use that information to try to break in, including nation-state hackers in China, Iran and Russia, Stiennon said.
A 25-year-old engineer who previously worked for two Elon Musk companies, Marko Elez, is one of the DOGE staff who have access to the Treasury systems, according to
Bloomberg reported, citing unnamed sources, that Elez and Krause have offices in the Treasury Department, along with agency email addresses as well as clearance to access some secure but unclassified Treasury information.
Elez couldn't be reached for comment. Krause did not respond to a request for comment.
Another risk is that Musk's team could personally trade on and profit from the sensitive government information.
"This gives Musk and his high school juniors the opportunity to have more insider trading information than anyone in history," said Dion Lisle, partner at the Fund of Funds Venture Fund, in the podcast. "There's no insider trading laws that are going to impact them. These kids could make billions in the next month."
There's also a security risk to Americans, Lau said.
"If you think about payment flow, you think about where that money is coming from and going to now, instantly they have access to information of every single American, basically, and every single American business," she said. They could also manipulate or download the data, she said.
The Treasury Department's privacy policy says personally identifiable information can only be used or shared for the purposes for which it was gathered. According to the Treasury Department's privacy handbook, any officer or employee of the department who doesn't comply with its privacy policies would be guilty of a misdemeanor and fined up to $5,000.
Bank leaders should be more concerned about all of this than they appear to be, Cohen said.
"This togetherness of politics and banking doesn't seem like a trustworthy thing, because how much trust do Americans already not have in politics and political parties?" she said. "And if you don't have trust in the banking system, do you start to have runs on cash?"
