Joseph
Hello and welcome to the 404 Media podcast, where we bring you unparalleled access to hidden worlds, both online and IRL. 404 Media is a journalist-founded company and needs your support. To subscribe, go to 404media.co. As well as bonus content every single week, subscribers also get access to additional episodes where we respond to their best comments. Gain access to that content at 404media.co. I'm your host Joseph and with me are the 404 Media cofounders, Sam Cole.
Sam Cole
Hello.
Joseph
Emanuel Maiberg.
Emanuel Maiberg
Hello.
Joseph
And Jason Koebler.
Jason Koebler
Hey, what's up? Definitely not a robot. Yeah, definitely not a robot.
Joseph
We had some audio issues. I guess we'll see if you turn into a robot halfway through and we'll deal with it as it comes. But right now let's talk about the first story and it is one that Jason wrote. Anyone can push updates to the doge.gov website. There is some context to lay out here. But I think the funniest place to start is just some people, you know, defaced the Doge website. What did they write on it, Jason? And then we'll get into the how and the why, etc. But I think what they did first is probably interesting.
Jason Koebler
Yeah. So the doge.com website is.
Joseph
Dot gov.
Jason Koebler
Oh, yes, .gov, .gov, yes. Is a website that didn't exist, like, at the beginning of last week, and Elon Musk went in front of, you know, he had, he did that interview with media in the Oval Office behind the Resolute desk with Donald Trump and his son. And he got, got asked a question about transparency of what Doge is doing. And he said, we're the most transparent organization in the history of mankind. Something like this. And then he was like, just go to doge.gov to see what we're doing. And if you went to doge.gov, there was nothing there. It was just a blank website. And then the next day, it was updated to have just a stream of X posts from doge.gov and then it was updated again to have this database of supposed cuts and structure of the government and things like that.
Sam Cole
You.
Joseph
Yeah, you could click through and it would be like, oh, here's the army, or whatever, and it has this number of employees, and this is the average salary they get and the average age of an employee, right?
Jason Koebler
Yeah. And so some of these pages were defaced to read, quote, these experts, which was their own quote, said, these experts left their database open. And then another one said, this is a joke of a .gov website. And then I've seen a third one that said, this .gov is hosted on insecure Cloudflare pages, which happened over the weekend.
Joseph
So that's pretty funny that happens. It gets defaced, like a lot of websites do. You know, there's always people trying to deface government websites or corporate websites or whatever it might be. This one's, like, a little bit different through the way they did it. And, I mean, I don't think we have to get too technical, but, like, what was the issue here? Like, was it, you know, a fancy vulnerability or was there something exposed? Like, how was this being defaced?
Jason Koebler
Yeah, I found it to be pretty interesting. I'm not a web developer, so some of the technical details might be a little bit off here, but I spoke to two different web developers who independently and separately found this vulnerability and then messaged me about it within about an hour of each other. And then some other folks sort of verified it after. But basically, like, doge.gov is not hosted on doge.gov. It's not hosted on a government server. It's hosted on Cloudflare, which is an Internet infrastructure company that does work with the federal government, but it has, like, a special, like, program for the federal government, but it was hosted on a Cloudflare Pages website. And so essentially the page itself was not doge.gov. It was some Cloudflare URL. It was like a long string of URL and we shouldn't tell, say what it was. But basically, like, these web developers inspected the source code, found out where the page was actually being hosted, saw that it was just like a random Cloudflare page where code had been deployed to from, like, a GitHub or like, some sort of code repository. The database that was, like, powering this website was deploying to this Cloudflare page, and then that Cloudflare page was pointing to doge.gov, no. That's, like, a little bit complicated.
Joseph
But basically it's where it's pulling the data from. Basically, yeah. From the Cloudflare pages. Yeah.
Jason Koebler
And it was pulling the data from these specific databases that were on the Cloudflare page. And they were able to essentially find the API endpoints for these databases which were left exposed, meaning they were able to find out where the database was pulling from, and they were able to push their own database records to the database that were then reflected on the live page. So, like, the TLDR is that they were able to edit the database that was powering the live page by being able to push new entries to it. I asked if they were able to edit, like, existing entries, meaning could they fuck with the data that's actually on the website? And neither one said that they had tried. And we are not allowed to ask people to go poking around government websites. And so it's sort of unknown whether they could have done more damage than this sort of defacement that they did.
Joseph
Yeah. To be clear, for legal reasons, we never ask people to go do this, but if two people independently find it and tell us about it, and I think only one of them actually did the defacement. Right. If one of them decides of their own volition to go and do that, well, thank you. That helps verify. But we're never gonna ask you to do that, obviously.
Jason Koebler
So I do think I can talk a little bit about how this came to be, because it's not super sensitive, but basically I got a message with a link to doge.gov that went directly to the page that had already been fucked with. And so that was them proving like, hello, I've already done this. And then I talked to them. I was like, well, how did you do it? And they explained, and then that was the same vulnerability that a different person had discovered. And I asked that other person, like, have it? Like, have you modified anything? And they said no, because that's probably a crime. Could be a crime. And I don't want to do that, but if I wanted to, I certainly could because they found, like, the same thing that the other person did.
Joseph
Yeah, it's pretty interesting verification. It reminds me of some other cases I've had where somebody broke into, I think, a stalkerware company, you know, this malware that abusive partners will put on people's phones and that sort of thing, and they'd actually managed to get a ton of data from the company. But one way they wanted to prove their access was by also doing a defacement. And if I recall correctly, what they did was they defaced it. They put my name on it, which I don't know. Okay, thanks. And then they pushed it to the Wayback Machine so it was archived. So I could go back and be like, oh, yesterday, somebody, presumably these hackers, put my name onto this website. So it is useful for purely journalistic purposes when somebody sends you a link like that, for sure. I would say maybe not ordinarily, but a lot of the time a defacement just wouldn't be a story. There's a hacker who pings me every so often and he's like, hey, look, I defaced Biden's website. And it's like, I don't care. This doesn't matter. That was obviously last year or something like that. But this one is different, probably for multiple reasons. I mean, why do you think it's important? And maybe what does it show us that the doge.gov website, which is supposed to be targeting fraud and waste and abuse in government and making it much more efficient, what does it really tell us that even their website was apparently held together by digital string? Basically, yeah.
Jason Koebler
I think there's a few reasons that it's interesting. I think, one, the way that they did the defacement was kind of interesting to me, where they were able to push to this specific database, meaning, you know, potentially other sorts of information on the website could have been, could be changed in some way. But I think more importantly, it shows that this group of coders who is going into every government agency and asking to examine source code to get access to really sensitive systems, to get access to systems that they probably don't understand because they run on COBOL or they run on, like, old mainframes, things like that, seemingly was unable to push, like, a very simple website without, you know, having these very basic vulnerabilities included in them. One thing I also thought that was very interesting was usually when a website is defaced and then there is an article about it, it's fixed very quickly, like within minutes. Often this was up for something like 18 hours, these defacements. So that suggests to me that they had trouble finding them or they just weren't paying attention. Like, I'm not sure because it got a lot of attention online. And then the other one that happened over the weekend suggests that they didn't close whatever vulnerability was allowing this to happen. And that one was still up as of the time I checked, you know, before this podcast. And so they still haven't fixed it, which is pretty concerning.
Joseph
I mean, maybe they don't care. Maybe they ironically don't have the resources to do it. I don't know. It's impossible to know really.
Jason Koebler
I think also, like right after we published our article, the Huffington Post published an article about how Doge had published classified information about the staff makeup, like the number of employees at a specific government agency that, you know, is so secretive that the number of people works there is classified. And so that just suggests that they are not taking care when developing something like this.
Joseph
Yeah. Sam, you had a story that was somewhat related and it was researcher captures the contents of dei.gov before it was hidden behind a password. We're going to talk about another Jason story in this segment as well. But just briefly, what's the deal there? They put a password on dei.gov but before that, what was exposed or available or what's going on?
Sam Cole
Yeah, so it was left unpassword protected for like, let me see, a maximum of 30 minutes is what this researcher that found this told me based on his scraping and archiving of the site. So it was up for 30 minutes without a password. And he had been running an app that was capturing government websites like automatically. So it grabbed it in those 30 minutes, which is so crazy. And while it was up and you know, exposed to the web like that, it had this long list of, I don't, I mean, again, you know, it's like quote unquote waste. It's like what they're trying to track or whatever through Doge or what Elon says that he's trying to do. And it was like I, I couldn't even include all of it in the story. But what's in the story is really long so people should go check it out. But it's like just a laundry list of random shit that like they are claiming is wasteful use of federal funds. So it's like things like it's like $3.4 million for a Malaysian drug, drug fueled gay sex app. No source on that. No reference to where they got that from. $15,000 to queer Muslim writers in India. It's like, you know, it's just this random stuff that they're claiming. You know, it's like $1.3 million to Arab and Jewish photographers. Are they American? Arab and Jewish photographers? We don't know.
Joseph
And more broadly, they keep making mistakes. Basically, like I saw there was a bit of confusion between 8 million and 8 billion because they missed a decimal place or something.
Sam Cole
That's kind of important. That's a big difference. So, yeah, it was up and then they immediately jumped, gave it a, a WordPress template and that kind of hid all of that information. And then that's, that's kind of where the story comes in that Jason's talking about, where then they, people wrote about it being defaced. They wrote about it being, we wrote about it being a WordPress site. A WordPress template that looked like, you know, random and generic. And then they were like, oh, and then they put it behind a password.
Jason Koebler
Yeah. All three of these stories are very closely related because they're all new websites that have been spun up to track, yeah, like quote, unquote, government waste. And also Doge's efforts to cut things. And so the types of things that were captured on dei.gov that Sam wrote about are some of the things that have now shown up on the Doge website as part of, like, the Twitter stream and things like that. So I guess I'll just jump into that, the third story, very quickly, which is Elon Musk's waste.gov is just a WordPress theme placeholder page. And so the three websites are doge.gov, dei.gov and waste.gov, and dei.gov and waste.gov were both registered about a week after Donald Trump was inaugurated. And there was never anything on waste.gov to my knowledge. But Sam spoke to this researcher and captured, he captured that information on dei.gov and then I went to waste.gov one day and all of the information there was about an imaginary architecture firm that was pulling directly from just like a WordPress template.
Joseph
Yeah, it was clear that it was like some sort of default landing page, essentially, when. I don't think that's really what you're going to expect when you go to an alleged official government website. So what do you see? Is it just like pictures of this made up architecture firm or something?
Jason Koebler
I mean, it's like if you register for any website ever, you can usually click through different themes. And then the person who makes the theme, which is just like the layout of how the website is going to look, will try to demonstrate the features of that theme. And they do it with placeholder language. So in this case, waste.gov said, a commitment to innovation and sustainability. Etude, which, like E-T-U-D-E, French word, is a pioneering firm that seamlessly merges creativity and functionality to redefine architectural excellence. It's funny because the placeholder language for this imaginary architecture firm violates Trump's executive order against DEI because it talks about how this imaginary architecture firm cares about diversity and cares about sustainability.
Joseph
Right.
Jason Koebler
And it was live on a government website, which is in violation of the executive order, which is pretty funny.
Joseph
Right. It was too inclusive. And then, I mean, did they realize their mistake and now the website is dead or locked or, like, what happened after, if anything?
Jason Koebler
Yeah, I mean, immediately after we published that article, they put it behind a password wall, and that's when they put dei.gov behind a password wall as well. So, like, sometime in between when I wrote this article and published this article, they briefly exposed what was supposed to be on dei.gov then that researcher scraped it and then it went behind a password wall. And both of those websites are still behind a password wall as we're recording this. So it's unclear whether they're going to, like, use them in any way. But if you go to those websites right now, it just says this content is password protected. To view it, please enter your password below.
Joseph
That is rarely transparent from the most transparent entity, agency, organization, or whatever it was that you said earlier. Yeah, and I know this, this segment turned into the. The web development of DOGE or whatever, but I think it just shows how haphazardly it's being rolled out. I mean, with all of the chaos across the US Federal government, with the actual actions they're taking of dramatically downsizing workforces and then getting rid of essential employees and they have to ask them to come back and all of that sort of thing. They can't even run a website properly. It's not a great look, let's say that. All right, let's leave that there. When we come back, we're going to be talking about AI and lawyers and a particular set of lawyers who basically got caught using AI to hallucinate a bunch of different cases. We'll be right back after this.
Joseph
And we are back. This is one that Sam wrote. Lawyers caught citing AI-hallucinated cases call it a, quote, cautionary tale. Not entirely sure where to start with this one, Sam. Maybe we just do it with what did the lawyers admit to doing and then I guess we'll get into the implications of all of that as well.
Sam Cole
Yeah, I mean that's a good place to start because I also kind of worked backwards from there. This is an article that we did in collaboration with Court Watch, which is Seamus Hughes' independent newsletter slash outlet, that he digs up court records and sometimes he sends us like the interesting ones and says, do you want to write this up? So yeah, the pitch for this one was basically just like these lawyers called, got called out for using AI in a filing and now they're like, oh, this is a cautionary tale, which is the headline. But basically they had used, they don't say what LLM, what chatbot that they used, whether it was ChatGPT or some other one. And there are a bunch of like, you know, like, specific to legal uses, LLMs at this point, like tools that are rolled out for lawyers to do research and to use AI to draft, you know, responses. Ideally not straight copy pasting, but that's what these people did. So, yeah, they, they said in a, in a filing that, let's see, I'm going to quote it directly. Our internal artificial intelligence platform, quote unquote, hallucinated the cases in question while assisting our attorney in drafting the motion in. I probably said that wrong, but it's a, it's a legal phrase. This matter comes as a great embarrassment and has prompted discussion and action regarding the training, implementation, and future use of artificial intelligence within our firm. This serves as a cautionary tale for our firm and all firms as we enter this new age of artificial intelligence. So at that point, I'm actually warning.
Joseph
Everybody because it's a cautionary tale for.
Sam Cole
All firms, for everybody. You know, they're like, we, yeah, they're like, oh, this. I mean, the implication is like, this could happen to anyone. And we got caught doing it. And it's like, oops, we're so sorry.
Jason Koebler
So they're just testing everyone. They're like, oh, yeah, yeah, yeah.
Emanuel Maiberg
Whenever I slip on a banana peel, I get up and I was like, let this be a cautionary tale for everyone.
Jason Koebler
Yeah, don't slip on the banana peel, everyone.
Sam Cole
Right, exactly. And it's like, this is so. This is somebody up majorly. So obviously at that point, I'm paying attention. I'm like, you don't really see lawyers immediately apologizing profusely. Very often what had happened was they had cited, like they say in their groveling apology that they had cited. I think it was like eight out of nine cases that they had cited in this document as like, you know, if you read court documents and complaints and case filings, a lot of the times they'll cite other cases that are similar and be like, this is the precedent that we're standing on legally. Like, these are similar cases where, you know, cases like ours won in the past. So you should, you know, grant us what we're looking for in our case. But they had made up eight of the nine that they cited. Just. They didn't exist. Like, they don't exist anywhere. And obviously the judge looked them up. They were like. Because, I mean, so the judges who caught them. Yeah, the judge caught them. I mean, actually, I think it might have been opposing counsel caught Them and like the judge and then was like, and told, it was like, judge, like, hello, this is, these are fake and they're not, they don't exist. And then the judge was conjured and he was like, well, these are. What are you going to say for yourself? Like, and the reason that they are apologizing immediately is that there actually is a precedent for this happening in the past.
Joseph
Yeah.
Sam Cole
It's not the first time.
Joseph
Yeah. And maybe people listening are already aware of that. And we'll talk about that in a sec. I think that the reason you, correct me if I'm wrong, but the reason you covered it here is. Well, first of all, it's very funny. Second of all, lawyers admitting they're wrong, let alone grovelling, that's probably newsworthy in and of itself. And third, yeah, it's one thing for lawyers to use AI of all the problems it is, it's another thing to get caught so publicly. I think actually just before we talk about previous instances, you bring up what was this case about exactly? Because this was like a pretty ordinary case involving Walmart or something.
Sam Cole
So it was actually once I kind of worked backwards like I said and kind of dug back to the original complaint, the original lawsuit, it was filed in 2023 against Walmart and this company called Jetson Electronic Bikes, and Jetson makes hoverboards for Walmart or for sale at Walmart. And what had happened was the plaintiffs, who, so the people who are being represented by these lawyers who made this huge mistake with the fake cases, they had bought a hoverboard, one of the Jetson hoverboards from Walmart. And they're claiming that the battery, the lithium ion battery in the hoverboard caught fire while they were asleep and burned their house down. So it's a really horrifying case and like it's pretty serious. Like this, like we've, we've talked about this and we've written about this in the past with like scooters. It's like scooters have this problem a lot. It's like people's houses burned down because these batteries malfunction sometimes. So they're claiming, you know, injury and you know, severe like burns. Obviously it's like their house, like it's just massive loss that they have from this, that they're claiming from this hoverboard company. So that's what they're bringing. And this case has been going on since 2023. So it's been, you know, a drag out thing. The docket is long and this is the thing that gets, like, attention is that the lawyers made this huge fuck up, which is kind of sad. It's like, look at my lawyers, bro situation. It's like, yeah, this is a mess.
Joseph
Your house burnt down and your lawyers are like fucking around with ChatGPT.
Emanuel Maiberg
I was going to say, we unfortunately have a lot of experience with lawyers, both hearing from lawyers representing other people who are mad at us. And we have our own lawyers who are very good and represent us. And I feel like 90% of the time what you need a lawyer to do is to like, know the law and know the case law and reference specific cases and write long explanations for why what you did is perfectly legal or for why what someone else did is not legal. And the idea that you would pay a lawyer who is not cheap ever to just like have a chatbot do it and then not even double check the output is so crazy. Like, I feel like you would have to dump them immediately. Like, imagine if we had some sort of libel letter coming at us and our lawyers just like ChatGPT generated a response. We would be livid. We would probably try to sue them ourselves.
Joseph
Yeah, yeah. With a second set of lawyers who then also use ChatGPT, unfortunately, or something. So, I mean, that's a horrible case. And it's even more horrible as we all say that the lawyers using ChatGPT. Sorry, it's not specifically OpenAI. We don't know what it is, but some sort of LLM. But. But what are some of the other instances of lawyers doing this then, Sam?
Sam Cole
Yeah, so the most recent one was in 2024 when it involved Michael Cohen, who, I mean, we're not going to get into Michael Cohen's resume right now, but very famous lawyer. He and his own lawyer. So we're talking about again, like a stacking of a Russian doll.
Joseph
Russian nesting dolls.
Sam Cole
Yeah, exactly. They had generated fake cases with Google Bard and they weren't fined or anything, but the judge let them off and he called, he called the situation embarrassing for them. I think it's probably just like shaking my damn head at Michael Cohen's situation. But then in 2022. So this is kind of, this is why I think probably they took it so seriously and apologized immediately. It's embarrassing. And it's also, you can get like seriously sanctioned and big fines if you are presenting fake stuff to the court. So in 2022, this man had filed an action against Avianca Airlines that he, he was saying that he was injured by a serving cart during a flight and his lawyer was citing non-existent cases and, but instead of that legal team apologizing immediately being like, please, please don't sanction us, they doubled down and they were like, we, we can defend the, that the reason that these cases are in the filing, they thought they could get, get out of it, I guess. And they were fined five grand for that error. And the judge wrote. And that's what I was kind of like, okay, maybe that's, I don't know, I'm. Maybe there were other repercussions that I don't know about. But it's also just like highly humiliating. It's like the judge is like reaming you in official court documents. Like the judge was like, they abandoned their responsibilities. You know, they, they stand by these fake opinions after judicial orders called their existence into question. It's like, I don't know, I'm like secondhand humiliated just reading a judge be super mad at lawyers. So yeah, I mean it's like it's, it's something that I think is going to come up more and more. Honestly, I'm surprised it doesn't come up more often because again, this work is really tedious that lawyers are doing a lot of the time to preserve, present their cases. But yeah, I mean, maybe it does happen a lot and we just aren't hearing about it most of the time.
Joseph
But I think you're right and it's going to happen more because I literally just typed in like legal ChatGPT and it comes up with all of these companies are offering these tools which, I mean, I don't know how many customers they have, but presumably they see a market there and obviously some people are using it. Jason, you wanted to bring up.
Jason Koebler
Yeah, I'm going to do a whirlwind roundup of like stuff that Motherboard reported on about robo lawyers. And then also I wrote one article for the Atlantic in my life and it was in 2017, I didn't know that it was a freelance piece that for some reason Motherboard let me do. And it was called Rise of the Robo Lawyers and it was about all of these startups that were trying to automate law. And like, like every other industry, the legal industry has been like, we can AI ify that. And that was all the way back in 2017 when things like this were happening. So like LexisNexis, which is a database program, it's just, it's massive. Has something, or at least did at the time called Lex Machina that allowed you to try to predict Whether you were going to win a case based on like, other. It helped for like, venue shopping, I believe, where it was basically like a defamation lawsuit in this jurisdiction in Texas is more likely to succeed than if it's in North Carolina or something. So it was being used by law firms to venue shop then. There was also a lot of really dystopian startups at the time. I don't know if any of them are still around, but one was called Premonition that was basically like you enter your legal documents and the ones that have been filed against you and then it predicted whether you would win or lose the case. And then it was like, I guess it was supposed to let you know if you were better off, like, pushing for a settlement versus, like, going to trial. There was a company called Legalist that allowed you to bet on the outcomes of lawsuits. So basically would use AI to determine whether a specific case was likely to succeed or not. And then you could do commercial litigation financing, meaning you could like pay the lawyer's fees to like, you know, essentially like help someone sue someone else. And. And then you would get some of the winnings of that. And I think that one is gone. I need to go check. But that one was like some weird idea. 
There's been a lot of like, chatbot type lawyers as well. There's this company called DoNotPay that initially started off like helping people fight parking tickets and was very successful at that because many case, many times you can just like write any sort of like form letter to contest a parking ticket and you'll, you'll win just by attempting to contest it. And then DoNotPay got into like, more complicated legal situations and eventually was fined by the FTC or was at least threatened by the FTC for.
Joseph
Representing itself as eight days ago, FTC finalises order with Do Not Pay that prohibits deceptive AI lawyer claims, imposes monetary relief, and requires notice to past subscribers. That was earlier this month. Yeah, yeah.
Jason Kebler
And then as part of this article, which was pretty good, now that I'm reading it again, I talked to some law professors and people like that. And one thing they did say is that the legal process is incredibly, incredibly expensive, as Emmanuel already pointed out. And a lot of cases are quite straightforward theoretically. Things like divorces, for example, are like really, really expensive or can be really expensive. But a lot of them are really simple in terms of the legal filings are not that complicated. And so there like, maybe some sort of role for like, here's how you fill out the forms properly. If you don't have like a contentious divorce going on. So you don't have to pay tens of thousands of dollars to a lawyer to do like a pretty straightforward sort of thing. But like, what Sam's reporting on here goes far beyond that because it's a situation where the cases are complicated and the people have hired real lawyers and then the real lawyers are like outsourcing that work to ChatGPT and that's like up.
Joseph
Yeah.
Jason Kebler
So I know that was like a weird tangent. I'm good for at least one of those per episode. I know, but this has been like a dream of the legal of big law legal professionals for a long time. Is like, how do we outsource all of this work to a robot and still collect our really extreme fees?
Joseph
Yeah, they're not lowering their prices.
Jason Kebler
No.
Joseph
It's going to be the same crazy per hour fee and then it's just being done on some LLM backend or whatever. I know, it's crazy. It's outrageous. All right, we will leave that there. If you're listening to the free version of the podcast, I'll now play us out. But if you are a paying 404 media subscriber, we're going to talk about a true crime YouTube channel ran true crime documentaries except all of the murders were AI generated. You can subscribe and gain access to that content at 404 Media co. As a reminder, 404 Media is journalist founded and supported by subscribers. If you do wish to subscribe to 404 Media and directly support our work, please go to 404 Media co. You'll get unlimited access to our articles and an ad free version of this podcast. You'll also get to listen to the subscribers only section where we talk about a bonus story each week. This podcast is made in partnership with Kaleidoscope. Another way to support us is by leaving a five star rating and a review for the podcast. Here is one of those reviews from someone who used the username Leftist tech bro. Good show. Blunt to the point. I like it. This has been 404 Media. We will see you again next week.
The 404 Media Podcast: "DOGE's Website, Hacked" – Detailed Summary
Release Date: February 19, 2025
Host: 404 Media (Joseph, Sam Cole, Emanuel Mayberg, Jason Kebler)
In this episode of The 404 Media Podcast, hosts Joseph, Sam Cole, Emanuel Mayberg, and Jason Kebler delve into two significant stories shaping the digital landscape. The primary focus is on the recent cyberattack that defaced the doge.gov website, followed by an exploration of the troubling trend of lawyers using artificial intelligence (AI) to fabricate legal cases.
Jason Kebler initiates the discussion by recounting the events surrounding the defacement of the doge.gov website. Initially launched by Elon Musk, doge.gov was presented as a transparent government platform aimed at combating fraud, waste, and abuse within federal agencies. However, the website quickly became a target for malicious actors.
Jason Kebler [02:39]: "The doge.gov website is... well, it was a website that didn't exist like at the beginning of last week..."
The crux of the issue lay in a vulnerability associated with Cloudflare Pages, an internet infrastructure service. Unlike standard government-hosted sites, doge.gov was inadvertently hosted on a Cloudflare Pages URL, which was not secured adequately. This oversight allowed attackers to identify and exploit API endpoints that were left exposed.
Jason Kebler [04:45]: "They were able to find the API endpoints for these databases which were left exposed, meaning they were able to find out where the database was pulling from, and they were able to push their own database records to the database that were then reflected on the Live page."
The attackers manipulated the website by inserting their own content, including misleading statements about data security and the integrity of doge.gov.
Jason Kebler [06:18]: "They were able to push new entries to the database that were then reflected on the Live page."
Despite the breach, the defaced website remained altered for approximately 18 hours—a notably extended period compared to typical government website rectifications. This delay suggests potential negligence or resource constraints within the agency responsible for doge.gov. Additionally, subsequent breaches indicated that the initial vulnerability was not promptly addressed.
Jason Kebler [07:33]: "They still haven't fixed it, which is pretty concerning."
Joseph highlights the irony and the potential reputation damage caused by such oversights, questioning the capacity of the authorities to manage their digital platforms effectively.
Joseph [09:00]: "What does it really tell us that even their website was apparently held together by digital string."
The discussion transitions to related incidents involving dei.gov and waste.gov—additional government websites launched with similar oversight issues.
Sam Cole reports that dei.gov was inadvertently left unprotected for 30 minutes, allowing a researcher to scrape its contents. The exposed data included questionable allocations of federal funds, such as:
Sam Cole [13:07]: "It's just a laundry list of random shit that like they are claiming is wasteful use of federal funds."
These allocations lacked credible sources or references, raising concerns about the authenticity and intentions behind dei.gov.
Jason Kebler discusses the waste.gov website, which was discovered to host placeholder content for an imaginary architecture firm named "Etude." The website featured generic language promoting diversity and sustainability, directly conflicting with an executive order against Diversity, Equity, and Inclusion (DEI).
Jason Kebler [17:53]: "The placeholder language for this imaginary architecture firm violates Trump's executive order against DEI because it talks about how this imaginary architecture firm cares about diversity and cares about sustainability."
Following the publication of these issues, both dei.gov and waste.gov were secured behind password walls, leaving their future uncertain.
Jason Kebler [18:12]: "If you go to those websites right now, it just says this content is password protected."
These interconnected incidents underscore a broader pattern of lax security and haphazard execution in the rollout of government digital initiatives. The inability to safeguard sensitive information and maintain professional website standards reflects poorly on the managing agencies.
Sam Cole [15:13]: "All three of these stories are very closely related because they're all new websites that have been spun up to track... government waste."
After addressing the cyberattacks and related website issues, the podcast shifts focus to the burgeoning use of AI within legal practices, highlighting significant concerns and recent incidents.
Sam Cole introduces the troubling phenomenon of lawyers employing AI, specifically large language models (LLMs) like ChatGPT, to generate fictitious case citations in legal filings. This malpractice undermines the integrity of the legal system and poses serious ethical and legal repercussions.
Sam Cole [22:38]: "They had used... a bunch of different cases. They don't exist."
Sam Cole [24:29]: "They said... I'm so sorry."
Michael Cohen's Case (2024):
Avianca Airlines Incident (2022):
Sam Cole [26:22]: "The judge was... calling their existence into question."
Emmanuel Mayberg emphasizes the critical need for lawyers to possess deep legal knowledge and the dangers of over-reliance on AI tools without proper oversight.
Emmanuel Mayberg [29:33]: "The idea that you would pay a lawyer who is not cheap ever to just like have a chatbot do it and then not even double check the output is so crazy."
Jason Kebler adds that while automating certain legal processes can enhance efficiency, the mishandling and misuse of AI risks compromising the justice system's credibility.
Jason Kebler [35:59]: "Legalists... allowing betting on the outcomes of lawsuits."
The podcast underscores the fragile balance between leveraging technology for efficiency and maintaining professional and ethical standards. Both the cyberattacks on government websites and the misuse of AI in legal practices reveal vulnerabilities in digital systems and professional oversight mechanisms.
Joseph [10:24]: "With all of the chaos across the US Federal government... it's not a great look."
The hosts collectively express concern over the increasing integration of AI in sensitive domains without adequate safeguards, warning of potential future crises stemming from such oversights.
The episode wraps up by highlighting the critical need for stronger cybersecurity measures within government agencies and stringent regulations governing AI usage in professional fields. The 404 Media Podcast serves as a crucial platform for uncovering hidden digital vulnerabilities and holding institutions accountable in an increasingly technology-driven world.
Notable Quotes:
Rachel Toback [00:00]: "Delete Me makes it harder for these bad actors by scrubbing your employees details regularly."
Joseph [22:16]: "This is a game. Who's the best hacker? And I was like, well, this is child's play."
Sam Cole [24:46]: "It's somebody up majorly. So obviously at that point, I'm paying attention. I'm like, you don't really see lawyers immediately apologizing profusely."
Emmanuel Mayberg [29:33]: "I was livid. We would probably try to sue them ourselves."
For those interested in supporting investigative journalism that uncovers such critical issues, consider subscribing to 404 Media for ad-free podcasts and exclusive bonus content.