I was about to close my laptop and begin getting ready for bed, and I decided to take one more sweep through the news sites, and the WaPo has this gem:

“Sensitive Documents, including White House Floor plans, improperly shared with thousands” (gifted link)

Apparently, the GSA allows their staff to use Google Drive to share documents. This is so colossally stupid, I just got nothing.

Apparently, this has been the practice for over 4 years, so no, the Biden administration is not clean.

Look, I get the convenience of using these services, but the one I would least fucking trust is Google.

Career employees at the General Services Administration, which provides administrative and technological support for much of the federal bureaucracy and manages the government’s real estate portfolio, were responsible for the oversharing, which spurred a cybersecurity incident report and investigation last week. The records show that the employees inadvertently shared a Google Drive folder containing the sensitive documents with the entire GSA staff, which totals more than 11,200 people, according to the agency’s online directory.

I swear to fucking God, this is just so stupid, so bad. Why the fuck do they not just lock down these computers? Why do they not block this?

At least they do seem to have some controls and plans:

One longtime GSA official said the agency uses software that regularly scans its Google Drives to detect files that are inappropriately shared and lock those down. GSA also holds yearly mandatory trainings for staff to teach them best practices for document sharing and privacy, said the employee, who spoke on the condition of anonymity because they were not authorized to discuss the matter publicly.

I mean, at least they found it after four fucking years.

Look, I am not a cyber security guru, but I know that this is shit you don’t do. I do not use consumer grade products to do work like this at my job. I know what our approved software list is, our infosec people at my job are top notch, and I know that if I did anything like this in my professional life, I would expect to get sacked.

For fuck’s sake, you don’t need DOGE to leak terabytes of data to the Ruskies if you’re going to do stupid shit like this.

Oh, at least the GSA IT team tried to find the owner…

By Thursday, the IT team had identified the owners of the files and reversed the file-share, so the documents were no longer accessible to 11,000-plus employees, the records show.

The GSA IT team repeatedly attempted to contact the owner of the files but never received a response, the records show. The IT team’s investigation into the incident continues, the records show.

These people really need to get their shit together.