DOGE Compromised Social Security Data, Says Whistleblower
A whistleblower accused the DOGE officials of copying over 300 million Social Security numbers.
If there's one piece of identifying data you don't want falling into the wrong hands, it's your Social Security number. That's why recent allegations from a whistleblower are so troubling.
On August 26, Charles Borges, the chief data officer (CDO) at the Social Security Administration (SSA), alleged that DOGE (Department of Government Efficiency) employees copied ultrasensitive data to a cloud server that does not meet government standards for protecting data privacy.
The whistleblower complaint was submitted by the Government Accountability Project.
From just $107.88 $24.99 for Kiplinger Personal Finance
Become a smarter, better informed investor. Subscribe from just $107.88 $24.99, plus get up to 4 Special Issues
Sign up for Kiplinger’s Free Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
The database that Borges said was copied contains records of every Social Security number the federal government has issued to Americans, along with names, addresses and birthdates.
DOGE copies data to the cloud in a "high-risk" project
The Government Accountability Project assisted Borges in submitting a protected whistleblower disclosure to the Office of the Special Counsel, as well as to congressional committees.
In the whistleblower complaint, Borges alleges that DOGE officials employed by SSA have created a live copy of a critical database, known as the NUMIDENT file, in a cloud environment.
The complaint includes emails from John Solly, a software engineer working at Social Security, who asked a career agency employee about making the copy shortly after the Supreme Court allowed DOGE access.
The NUMIDENT file is a database with over 548 million Social Security numbers, along with the identifying information of everyone living or dead who has ever had a Social Security number.
The complaint also enumerates the following allegations.
- The virtual cloud environment on the internal agency server was accessible only by DOGE employees.
- DOGE was warned that copying the data could make Americans vulnerable to identity theft, but proceeded with the project anyway.
- No verified audit or oversight mechanisms were in place to determine what the data was being used for or whether it was properly secured, and there was no independent security monitoring of the cloud environment.
- DOGE briefly circumvented a March 20 temporary order prohibiting access to certain Social Security data.
- DOGE officials bypassed normal procedures to receive "improper" access to other databases with sensitive information.
The complaint included a copy of an email from Joe Cunningham, the agency's acting chief information security officer, warning that "after a thorough review, we have determined that this request [to copy the information] poses a high risk."
Potential risk from DOGE actions
Borges' complaint shows that, despite privacy concerns, Cunningham requested and received the approval of Michael Russo, a senior DOGE-aligned official at Social Security, to sign off on the project of copying the database to the cloud server, despite making clear that his recommendations to anonymize the personal data had not been followed.
Further emails revealed that the data was transferred despite official security assessments warning that if it were compromised, it would have a "catastrophic impact" on Social Security beneficiaries.
"I have determined the business need is higher than the security risk associated with this implementation and I accept all risks," Aram Moghaddassi, Social Security's chief information officer, and a former employee of Elon Musk at X and Neuralink, wrote in a July 15 memo, as reported by NPR.
Borges disagrees with this assessment. "Should bad actors gain access to this cloud environment, Americans may be susceptible to widespread identity theft, may lose vital health care and food benefits, and the government may be responsible for reissuing every American a new Social Security number at great cost," Borges' complaint said.
No evidence of a data breach
While Borges' allegations are serious, the good news is that it appears no data has been compromised — at least not yet.
Nick Perrine, a spokesman for the SSA, stated that the agency was "not aware of any compromise to this environment," according to the New York Times.
Perrine also defended the actions taken by DOGE, stating, "S.S.A. stores all personal data in secure environments that have robust safeguards in place to protect vital information. The data referenced in the complaint is stored in a longstanding environment used by S.S.A. and walled off from the internet. High-level career S.S.A. officials have administrative access to this system with oversight by S.S.A.'s information security team."
Perrine added that the agency was and remained "dedicated to protecting sensitive personal data."
Congressional investigations may provide more insight into Borges' complaint.
How to protect your data and identity
In the meantime, it's a good idea to follow best practices for protecting against identity theft. Here are some steps to help you quickly protect your data.
- Check your credit report regularly (it's free) and address any errors or unknown accounts you find.
- Consider freezing your credit to prevent the use of your Social Security number and other identifying information.
- Stay informed and read up on the latest identity theft trends of 2025.
Read More
-
CD Maturing Soon? Here's What to Do NextThese strategies of what to do when you have a CD maturing soon will have you maximizing returns even with rate cuts.
-
How to Make 2026 Your Best Year Yet for Retirement SavingsMake 2026 the year you stop coasting and start supercharging your retirement savings.
-
You Saved for Retirement: 4 Pressing FAQs NowSaving for retirement is just one step. Now, you have to figure out how to spend and maintain funds. Here are four frequently asked questions at this stage.
-
How to Make 2026 Your Best Year Yet for Retirement Savings
Make 2026 the year you stop coasting and start supercharging your retirement savings.
-
You Saved for Retirement: 4 Pressing FAQs Now
Saving for retirement is just one step. Now, you have to figure out how to spend and maintain funds. Here are four frequently asked questions at this stage.
-
I'm a Financial Planning Pro: This Is How You Can Stop These 5 Risks From Wrecking Your RetirementYour retirement could be jeopardized if you ignore the risks you'll face later in life. From inflation to market volatility, here's what to prepare for.
-
Are You Hesitating to Spend Money You've Spent Years Saving? Here's How to Get Over It, From a Financial AdviserEven when your financial plan says you're ready for a big move, it's normal to hesitate — but haven't you earned the right to trust your plan (and yourself)?
-
7 Ways to Age Gracefully Like the Best Stock Photo SeniorsAs a retirement editor, I've gleaned valuable wisdom (and a lot of laughs) from one older couple that tops the seniors' stock photo charts.
-
Time to Close the Books on 2025: Don't Start the New Year Without First Making These Money MovesAs 2025 draws to a close, take time to review your finances, maximize tax efficiency and align your goals for 2026 with the changing financial landscape.
-
Is Fear Blocking Your Desire to Retire Abroad? What to Know to Turn Fear Into FreedomCareful planning encompassing location, income, health care and visa paperwork can make it all manageable. A financial planner lays it all out.
-
Your Year-End Wellness Checklist for a Healthier 2026Skip the fleeting resolutions and start the new year with a proactive plan to optimize your longevity, cognitive health, and social vitality.
