Norms Impact

Exclusive: DOGE staffer

A federally network-cleared “senior adviser” is tied by digital records to services for a cybercrime group, shattering the baseline norm that access follows rigorous, conflict-aware vetting.

Executive

Mar 26, 2025

Summary

Digital records reviewed show Edward Coristine, a prominent technologist on Elon Musk’s U.S. DOGE Service team, previously provided network services to a cybercrime group calling itself EGodly. He is listed as a senior adviser in staff directories at the State Department and the Cybersecurity and Infrastructure Security Agency while DOGE has been given sweeping access to official networks. The result is a federal network-security posture exposed to heightened risk from recent, documented proximity to actors linked to stolen-data trafficking claims, cyberstalking, and swatting.

Reality Check

Granting sweeping government-network access alongside a recent, documented service relationship to a cybercrime-branded operation is the kind of preventable exposure that can weaken democratic stability and, in practice, put our data and rights at risk. The conduct described is not clearly chargeable on this record alone, but it raises unavoidable questions under federal computer-crime and data-trafficking frameworks commonly implicated in such ecosystems, including the Computer Fraud and Abuse Act (18 U.S.C. § 1030) and the identity-fraud statute (18 U.S.C. § 1028). Even without proof of knowing participation in hacking, embedding someone with this proximity inside CISA and State while DOGE gains broad access erodes the norm that cybersecurity gatekeeping is strict, recent-risk aware, and insulated from informal favoritism.

Detail

Edward Coristine, 19, is among the most visible members of Elon Musk’s U.S. DOGE Service team, which has been given sweeping access to official networks while pursuing a project to downsize the U.S. government. Beginning around 2022, Coristine ran a company called DiamondCDN that provided network services, according to corporate and digital records and interviews with former associates.

Digital records preserved by DomainTools and Any.Run show the cybercrime group EGodly’s website, dataleak.fun, was tied to internet protocol addresses registered to DiamondCDN and other Coristine-owned entities between October 2022 and June 2023, and some visitors encountered a DiamondCDN “Security check.” On Feb. 15, 2023, EGodly publicly thanked DiamondCDN on Telegram for “DDoS protection and caching systems.”

Coristine did not respond to messages. DOGE and the State Department did not respond to questions; CISA declined comment. Coristine is listed as a “senior adviser” at State and CISA, and describes himself on LinkedIn as a “Volunteer (Intern) Plumber” with the U.S. government.