The Government Accountability Office has released findings that directly challenge the frantic reporting about a supposed DOGE breach at the National Labor Relations Board, and those audit logs show no evidence that detailees accessed NLRB systems during the period they were formally assigned there.
The GAO examined system logs for the period April 16 through July 25, 2025, the window covered by formal detailee agreements. Auditors found that accounts created for two DOGE staffers on April 24 were never used; there were zero sign-ins and no recorded activity during that span. This is a simple, verifiable fact based on the agency’s own logs.
Earlier coverage, driven largely by one whistleblower’s account, painted a far more dramatic picture involving unauthorized access, disabled monitoring tools, and data exfiltration. That narrative prompted congressional letters, media frenzy, and calls for investigations. But assertions do not substitute for records, and the records the GAO reviewed tell a different story for the audited timeframe.
The GAO explicitly reported: “GAO found no evidence that DOGE team staff accessed any of these systems between April 16, 2025, and July 25, 2025.” That sentence is the core of the audit’s finding, and it undercuts the core claim that DOGE operatives actively used NLRB systems during the period covered. Auditors pulled the sign-in logs and found zero activity across the entire period, and when the agreements expired the accounts were disabled.
The audit did not probe activity before April 16 to avoid interfering with an ongoing Inspector General inquiry, and the whistleblower says relevant actions may have occurred in March 2025. If the Inspector General turns up evidence from that earlier window, it will matter. For the period the GAO had authority to examine, however, the technical evidence is straightforward: no logins, no system use, no verified access.
The NLRB itself acknowledged at the time that it found no evidence of a system breach, but that quieter statement never generated the same headlines. The media piled on the more sensational claims, and many readers were left with the impression that verified system-level breaches had occurred. The GAO’s report reintroduces the importance of checking logs before treating allegations as proven facts.
Reporters leaned heavily on a single employee’s account and on behind-the-scenes fear among IT staff, rather than pairing claims with the kind of system-level verification that the GAO later performed. That approach created a fast-moving narrative that outpaced the kind of audit that follows and clarifies. People who saw only the initial story deserve to know what the audit shows for the timeframe it examined.
This is a reminder that reputations and policy debates can be shaped by headlines long before independent verification is completed. The GAO’s review shows the value of sober, data-driven checks on sensational claims. For those concerned about federal cybersecurity or political bias in reporting, the log files the GAO examined are the relevant facts for the audited period.
The audit leaves open unanswered questions about the pre-audit period and about why the detailees never logged in during their assignments. Both are legitimate points for further review, and the Inspector General’s findings could change the record if new evidence appears. Until then, the GAO’s documented findings stand: no access during April 16 through July 25, 2025.
That reality undercuts weeks of breathless coverage and congressional alarm tied to assertions of a breach. The evidence now on the table should temper claims that the NLRB’s systems were compromised by DOGE staff during the audited timeframe. Draw your own conclusions.
“GAO found no evidence that DOGE team staff accessed any of these systems between April 16, 2025, and July 25, 2025.”
Add comment