On Tuesday, Government Efficiency (DOGE) released a report highlighting concerns raised by a whistleblower at the Social Security Agency (SSA). The whistleblower claimed that critical social security data was stored in a “vulnerable cloud environment.”
In this report, SSA’s Chief Data Officer Chuck Borges remarked, “We are aware of the serious data security breach noted by Doge officials who are currently employed at the SSA.”
Borges further stated that the report did not fully outline the actions taken by DOGE under SSA’s Chief Information Officer, Aram Mogadassi, which allegedly breached the agency’s protocols and policies, as noted by the New York Times.
This cloud environment reportedly contains a live copy of vital social security information from the Numerical Identification System (Numident) database, which appears to lack adequate security measures or oversight from the SSA.
The report indicates that the Numident database houses comprehensive information from Social Security Card applications, including personal details like name, race, date of birth, and citizenship status.
“Should a malicious entity gain access to this cloud environment, there could be significant risks for Americans, including identity theft,” the report warns. It adds that this could jeopardize essential medical and food benefits, potentially leading the government to issue new social security numbers at a considerable financial burden.
An SSA spokesperson responded, stating that the agency takes whistleblower complaints seriously. They insisted that personal data is kept in a secure environment with strong protections and clarified that the data referred to in the complaint is held within a historically secure environment, isolated from the Internet.
The White House referred inquiries to the SSA.
Earlier this month, an appeals court decided that DOGE accessed sensitive data affecting millions of Americans, a ruling that returned to a temporary restraining order established at the start of the year.
The US Court of Appeals for the Fourth Circuit, in a 2-1 decision, expressed skepticism regarding DOGE’s potential success in its appeal, citing violations of federal privacy laws and calling into question its access to sensitive data from the Department of Education intended to prevent DOGE from interacting with the Treasury Department.
