DOGE accused of copying entire Social Security database to insecure cloud system

A Social Security Administration (SSA) official alleged in a whistleblower disclosure that DOGE officials created "a live copy of the country's Social Security information in a cloud environment that circumvents oversight." Chuck Borges, the SSA's Chief Data Officer (CDO), "has become aware through reports to him of serious data security lapses, evidently orchestrated by DOGE officials, currently employed as SSA employees, that risk the security of over 300 million Americans' Social Security data," the Government Accountability Project said in a letter sent today to members of Congress and the US Office of Special Counsel. The nonprofit Government Accountability Project is representing Borges. Although it has been widely reported that DOGE sought and obtained access to Social Security records in its attempt to find evidence of fraud, the letter to lawmakers said the live copy of SSA's database hasn't previously been disclosed. DOGE's actions were taken "under the authority of SSA Chief Information Officer (CIO) Aram Moghaddassi" and violate SSA protocols and policies, the letter said. There could be severe consequences if the database copy is breached, the letter said: This vulnerable cloud environment is effectively a live copy of the entire country's Social Security information from the Numerical Identification System (NUMIDENT) database, that apparently lacks any security oversight from SSA or tracking to determine who is accessing or has accessed the copy of this data. NUMIDENT contains all data submitted in an application for a United States Social Security card—including the name of the applicant, place and date of birth, citizenship, race and ethnicity, parents' names and social security numbers, phone number, address, and other personal information. Should bad actors gain access to this cloud environment, Americans may be susceptible to widespread identity theft, may lose vital healthcare and food benefits, and the government may be responsible for re-issuing every American a new Social Security Number at great cost. SSA denies security problem In a statement provided to Ars today, the SSA denied storing data in an insecure environment and said it is not aware of any compromise.