Whistleblower alleges DOGE put Americans’ Social Security data at risk

DOGE allegedly risked the social security data of over 300 million Americans in June, according to Charles Borges, a high-ranking official at the Social Security Administration office. 

The Social Security Administration’s chief data officer has accused the controversial federal agency, DOGE, of putting the personal information of virtually every American at risk by mishandling one of the government’s most sensitive databases.

Whistleblower alleges DOGE put Americans’ Social Security data at risk

In a whistleblower complaint filed with the U.S. Office of Special Counsel and Congress, Charles Borges said the Department of Government Efficiency (DOGE) uploaded a copy of the Numident file, containing the names, Social Security numbers, birth dates, and addresses of over 300 million people, to a vulnerable cloud server in June.

Borges stated that there was no evidence that the data had been breached or misused. But he warned that the lack of independent oversight and audit mechanisms left Americans exposed to identity theft and other harms.

“Should bad actors gain access to this cloud environment, Americans may be susceptible to widespread identity theft, may lose vital health care and food benefits, and the government may be responsible for reissuing every American a new Social Security number at great cost,” he wrote.

The database, known as the Numident file, contains records of every Social Security number ever issued, over 548 million in total. Experts say it is one of the most valuable repositories of personal information in the federal government.

DOGE ignored internal warnings

Borges’ complaint, supported by dozens of internal emails and memos, details how agency officials raised red flags before the transfer. Earlier this year, a federal judge blocked DOGE’s access to the Numident file, but the Supreme Court reversed that order on June 6.

On June 16, Joe Cunningham, the SSA’s acting chief information security officer, issued a formal risk assessment calling the project “high risk” with potentially “catastrophic impact” if compromised.

He warned that DOGE wanted “uninhibited” control of the server but had not explained how it would secure the data.

Despite the warnings, DOGE-aligned officials approved the transfer within hours.

In a July memo, Aram Moghaddassi, the SSA’s chief information officer and a former executive at Elon Musk’s companies X and Neuralink, wrote that “the business need is higher than the security risk” and said he accepted all risks associated with the project.

Borges, who joined the SSA in January after 22 years in the Navy and senior roles at other federal agencies, said he was excluded from discussions despite his position. When he sought clarification, he alleges that the SSA’s legal office told staff not to respond to his inquiries.

The Government Accountability Project, a nonprofit that represents whistleblowers, filed its disclosure on Tuesday. Andrea Meza, one of Borges’ lawyers, said he “spent weeks pressing for fixes inside the agency” before turning to protected reporting channels.

SSA spokesman Nick Perrine said the agency took whistleblower complaints seriously. He stressed that all personal data is stored in “secure environments” with “robust safeguards,” and that the agency was unaware of any compromise. The White House referred questions back to the SSA.

Privacy advocates and Democratic lawmakers have sounded alarms since the transfer. Representative Richard Neal stated that “all oversight has been lost, all accountability gone.”

The American Civil Liberties Union has filed Freedom of Information Act requests seeking details on DOGE’s activities. Congressional Democrats have also demanded investigations, warning that DOGE’s consolidation of sensitive data across multiple agencies could run afoul of the Privacy Act of 1974.

Borges’s complaint also alleges that DOGE bypassed security rules to gain “improper and excessive” access to other SSA databases in March, and may have briefly circumvented a court order temporarily restricting its access.

Get seen where it counts. Advertise in Cryptopolitan Research and reach crypto’s sharpest investors and builders.