
A DOGE Employee Inadvertently Published A Private API Key For xAI on GitHub

Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security, Krebs On Security reported.

So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over the weekend inadvertently published a private key that allowed anyone to interact with more than four dozen large language models (LLMs) developed by Musk’s artificial intelligence company xAI.

On July 13, Mr. Elez committed a code script to GitHub called “agent.py” that included a private application programming interface (API) key for xAI. The inclusion of the private key was first flagged by GitGuardian, a company that specializes in detecting and remediating exposed secrets in public and proprietary environments. GitGuardian’s systems constantly scan GitHub and other code repositories for exposed API keys, and fire off automated alerts to affected users.

Philippe Caturegli, “chief hacking officer” at the security consultancy Seralys, said the exposed API key allowed access to at least 52 different LLMs used by xAI. The most recent LLM in the list was called “grok-4-0709” and was created on July 9, 2025.

TechCrunch reported: A DOGE staffer with access to private information on millions of Americans held by the U.S. government reportedly exposed a private API key used for integrating with Elon Musk’s xAI chatbot.

Independent security journalist Brian Krebs reports that Marko Elez, a special government employee who in recent months has worked on sensitive systems in the U.S. Treasury, the Social Security Administration, and Homeland Security, recently published his code to his GitHub containing the private key. The key allowed access to dozens of models developed by xAI, including Grok.

Philippe Caturegli, founder of consultancy firm Seralys, alerted Elez to the leak earlier this week. Elez removed the key from his GitHub but the key itself was not revoked, allowing continued access to AI models.

Mashable reported: Five months after DOGE staffer Marko Elez resigned from the agency over racist social media posts, he’s not only back at DOGE, but back in the news for another not-very-positive reason.

Cybersecurity journalist Brian Krebs published a report on Monday indicating that, over the weekend, Elez published a private API key to GitHub that would allow users to “directly interact” with some of xAI’s (Elon Musk’s AI company, for those who haven’t been following along) large language models. To be clear, “some” might be understating it, as the total number of LLMs that were made accessible in this leak was at least 52.

While it’s not ideal from xAI’s perspective for that information to be out in the open like that, the real concern for the general populace here is that Elez exhibited poor operational security habits while simultaneously having access to loads of important information held by the U.S. government.