How does one email a database? With rare exceptions most mail servers have attachment limits of 16MB to 32MB. Just the schema alone could use up a chunk of the attachment limits. Is the title just oddly worded perhaps? Maybe they meant specific query results?
[Edit] Based on replies specific query results of two people names and dollar amounts into a spreadsheet. Poorly worded title on El Reg's part. Still a security privacy and compliance incident.
12. The forensic analysis also revealed that Elez sent an email with a
spreadsheet containing PII to two United States General Services Administration
officials. The PII detailed a name, a transaction type, and an amount of money.
"Treasury said Ryan Wunderly will replace Marko Elez on the agency’s DOGE team. Elez examined the federal payments system housed at the Bureau of the Fiscal Service before he resigned from Treasury earlier this month after The Wall Street Journal surfaced racist social media posts."
The actual filing (which is linked from the article) is more specific in its claims:
>The forensic analysis also revealed that Elez sent an email with a spreadsheet containing PII
>to two United States General Services Administration officials.
"database" in legal/business speak (AFAIK) is the more general "organized collection of data" - not the more software engineer focused relational/object/graph- implementations of such.
He’s already resigned because he was linked to racist and abhorrent social commentary; the export was considered low-risk; and based on what happened between coequal branches of government this week, the Administration feels they’re accountable to no one.
He was reinstated quickly at the order of the vice president. It's been strange getting older and seeing aspects of politics I thought were fairly fundamental quickly change. I remember not too long ago when accusations of racism were considered slanderous attacks by liberals on conservatives, and now they are apparently reveling in racism because it bothers liberals. It's no way to run a government if you ask me, but no one seems interested in my (seemingly) outdated opinions.
> accusations of racism were considered slanderous attacks by liberals on conservatives, and now they are apparently reveling in racism because it bothers liberals
They're quite capable of doing both of these at the same time.
Unless he's resigned again in recent weeks and I've missed it, Elez was brought back within days of his resignation after a short campaign to manufacture consent by JD Vance and Musk.
It might surprise the good readers of Hacker News, but by reading TFA, and the linked PDF therein, answers may be revealed!
> 12. The forensic analysis also revealed that Elez sent an email with a spreadsheet containing PII to two United States General Services Administration officials. The PII detailed a name (aperson or an entity), a transaction type, and an amount of money. The names in the spreadsheet are considered low risk PII because the names are not accompanied by more specific identifiers, such as social security numbers or birth dates. Elez’s distribution of this spreadsheet was contrary to BFS policies, in that it was not sent encrypted, and he did not obtain prior approval of the transmission via a “Form 7005,” describing what will be sent and what safeguards the sender will implement to protect the information.
This is exactly what the court filing says - he emailed excel spreadsheets with unencrypted data. Presumably from database queries hence why they mention emailing a database. Obviously written by people who are entirely unfamiliar with what a database even is so it makes it sound worse than it is (even though it is still bad, but not quite "send the entire database" bad.)
Given a desired message size of max_bytes megabytes (in reality the messages will be smaller due to the use of gzip), a database dump command which dumps the database to stdout, a correctly configured mail environment and a destination address of [email protected]:
$ RCPT="[email protected]" database_dump_command | split -b max_bytes M --filter="gzip -| base64 | mail -s \$FILE \$RCPT"
Next time they might want to replace | base64 | with | gpg -r [email protected] -e -a |' which would turn the unencrypted export into an encrypted version:
$ RCPT="[email protected]" database_dump_command | split -b max_bytes M --filter="gzip -| gpg -r \$RCPT -e -a | mail -s \$FILE \$RCPT"
[Edit] Based on replies specific query results of two people names and dollar amounts into a spreadsheet. Poorly worded title on El Reg's part. Still a security privacy and compliance incident.