Riley Sennott, 26, is listed as a “senior advisor” in an internal NASA directory, similar to the nebulous titles given to some DOGE staff in other agencies. His name and involvement with DOGE have not been previously reported.
Like many other DOGE workers, he deleted his LinkedIn profile and made his X account private in recent months. However, Sennott did not make the Google Calendar linked to his personal email address private.
Anyone with the address could see every appointment Sennott had on the calendar going back to 2016. On January 6, for example, the calendar included a 15-minute event titled “Riley Sennott and DOGE Recruiting.” The invite came from a Gmail address that DOGE appeared to be using for recruiting.
A calendar appointment from 2023 noted that Sennott “is currently working with a non-profit team in Ukraine to efficiently deliver aid and support evacuations.” The blurb said that Sennott studied symbolic systems and environmental studies in college, “briefly dabbled in consulting,” and has an “entrepreneurial spirit.” His calendar also showed several events related to an internship at Booz Allen Hamilton in 2021.
“The Department of Government Efficiency (DOGE) has arrived onsite at the agency. We anticipate that they will start reviewing our contracts to find efficiencies,” the email reads, according to a copy reviewed by BI.
Last organisation I worked for—not for profit, health—had around 17,500 employees. One of the cybersecurity managers had every employees details and devices on a Google Sheet private account that anyone could see if they had the share URL.
Home addresses, phone numbers, MAC addresses, IMEIs, columns of PII…
I started getting all sorts of unsolicited contact and 2-step authentication alerts “randomly” after two months there and 8 months later rEvil successfully ransomwared for $3.4M.
So when I found this sheet and no one took it seriously, I declared an internal data breach, submitted it to the fed—as you legally must in this country—and shit hit the fan for that department.
I recently had to submit some PII to my employer. The person requesting that information invited me to a video meeting so that the information wouldn’t easily be accessible on record.
I’ve been working in this field for around fifteen years. This was the first time someone in charge of handling my information has even pretended to care about it.
You are a legend
That is fucking amazing.
Please tell me this ‘cybersecurity manager’ was… fired, or drawn and quartered, or something.
Probably got a promotion.