by aweiher 404 days ago
The first sentence is actually:

> Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware

Does not sound like clickbait to me.


The Ars Technica article is a bit confusing; if you click through to the original article, the case they make is much clearer. It's not that his credentials were found on Have I Been Pwned, which is the case for most people through no fault of their own. Instead, it's this:

> But some of the datasets that Schutt is included in are much more concerning than normal data breaches because they're from stealer logs.

Logs from information-stealing malware were leaked multiple times, and if your credentials appear in multiple of those, that's reasonably good evidence that you are doing something wrong.

So I don't think the headline is clickbait, but I do think that the Ars article could be clearer in making its point.

"Well-known" email addresses (e.g: gaben@valvesoftware.com, president@whitehouse.gov) also seem to show up in these mentioned stealer logs on https://haveibeenpwned.com/ - which makes me suspect addresses are extracted from keypresses even if just typed in the To field of an email, for instance, and do not necessarily indicate the owner of the email has malware on their machine or has had their account/password compromised.

> reasonably good evidence that you are doing something wrong.

No need for multiple leaks, just one is enough.

And I wouldn't say "do something wrong", just getting infected with an infostealer. Happens all the time.

Yes, by "doing something wrong," I meant "doing something that gets you infected with an infostealer," not something ethically wrong or illegal.

At one point I was a contractor for a government department and at another I was at a government-sponsored NGO.

My credentials are in the various leaks, like the Adobe one.

“Login credentials belonging to a Department of Defense contractor, who previously had worked at a government-sponsored media outlet, have appeared in multiple public credential leaks.”

Yep, headline doesn't say it is his current computer or anything, just that his computer was infected. It would be clickbait if it said his current computer is actively infected. Less clickbait than now if it said one of his computers appears to have been infected at some point.

Cannot tell if it's sarcasm or not. Obviously everyone who reads the headline assumes it's his current computer, and it had some, uh, consequences. That's why they click. That's what makes it clickbait. Nobody would care otherwise.

(Also, if you are willing to be pointlessly formal, it goes in both directions, since it can be argued that a computer, which belongs to a person, who in the future will become DOGE's software engineer, but hasn't become yet, also formally isn't a "DOGE software engineer’s computer".)

> Nobody would care otherwise.

As long as it's a work computer, what does it matter if it's his current computer or not? Remember that we're talking about an infostealer, it got his credentials and "that's it" (that's gravely serious).

Wouldn't the assumption be that some percentage of government workers have infostealers on their computers? The track record of these people is not good, pretty much since we've had the internet there have been a steady stream of minor-to-moderate scandals where information gets to places that it shouldn't be.

This might just be selection bias because there is a large crowd of angry people looking for things to fling at DOGE.

If there's bias, I think it comes from people being concerned that there are people coming into various govt. offices, demanding and receiving write/read, non-logging accounts on systems containing sensitive information. The access DOGE staffers are being granted absolutely warrants extra scrutiny of their conduct and security practices.

> Nobody would care otherwise.

If his accounts were compromised after the computer was (as the article indicates), people would still care. It included Greenfield too, so potentially has password reuse risk.

autocorrect; "included credentials too"