The DOGE website created to document how Elon Musk’s team is eviscerating the US federal government is wide open for anyone to edit. This is the same DOGE organization that has gained unprecedented access to sensitive US financial systems with data on millions of Americans.

Two web development experts reported the security flaw to 404Media after discovering that doge.gov is pulling from a database that third parties can access and update, pushing unauthorized entries to the live website. At least two database entries have been added by one of the coders to say “this is a joke of a .gov site” and “THESE ‘EXPERTS’ LEFT THEIR DATABASE OPEN -roro.” Both pages are still visible hours after 404Media published its report. 

While doge.gov displays a banner describing itself as “an official website of the United States government,” the developers say it “feels like it was completely slapped together” and doesn’t appear to be running on government servers.

The discovery establishes a poor track record for the White House’s website administration practices — on Wednesday, the newly created waste.gov site was hidden and locked down after it was found to be mostly displaying an unedited WordPress template. 

The DOGE website was launched in January, but aside from displaying three lines of text and a cartoony logo that has since been removed, it sat largely empty for weeks. Elon Musk touted during an Oval Office press conference on Tuesday that DOGE’s cost-cutting actions have been “maximally transparent” because the organization was publishing its activity to X and the DOGE website — despite the latter still being devoid of information at the time.

Since the doge.gov site was updated on Thursday, it now pulls in posts published to the DOGE X account, alongside various stats about US government regulations and its federal workforce.