Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
DOGE Put Critical Social Security Data at Risk, Whistle-Blower Says [View all]
THIS IS EXACTLY WHAT I'VE WARNED about: 20-something tech bros with NO experience who don't give a rat's ass about anyone's sensitive data being exposed have exfiltrated it to an unsecured cloud server. "I told you so" is a very worn-out part of my vocabulary these days. I should change my name to Cassandra. Pfft.https://www.nytimes.com/2025/08/26/us/politics/doge-social-security-data.html
FREE READ: https://archive.ph/kuaoO
Members of the Department of Government Efficiency uploaded a copy of a crucial Social Security database in June to a vulnerable cloud server, putting the personal information of hundreds of millions of Americans at risk of being leaked or hacked, according to a whistle-blower complaint filed by the Social Security Administration’s chief data officer.
The database contains records of all Social Security numbers issued by the federal government. It includes individuals’ full names, addresses and birth dates, among other details that could be used to steal their identities, making it one of the nation’s most sensitive repositories of personal information.
The account by the whistle-blower, Charles Borges, underscores concerns that have led to lawsuits seeking to block young software engineers at the agency built by Elon Musk from having access to confidential government data. In his complaint, Mr. Borges said DOGE members copied the data to an internal agency server that only DOGE could access, forgoing the type of “independent security monitoring” normally required under agency policy for such sensitive data and creating “enormous vulnerabilities.”
But his disclosure stated that as of late June, “no verified audit or oversight mechanisms” existed to monitor what DOGE was using the data for or whether it was being shared outside the agency. That kind of oversight would typically be provided by the agency’s career information security professionals, Mr. Borges said in his account.
And his complaint cites an official agency security assessment that described the project as “high risk” and that warned of “catastrophic impact” to Social Security beneficiaries and programs if the database were to be compromised.
The database contains records of all Social Security numbers issued by the federal government. It includes individuals’ full names, addresses and birth dates, among other details that could be used to steal their identities, making it one of the nation’s most sensitive repositories of personal information.
The account by the whistle-blower, Charles Borges, underscores concerns that have led to lawsuits seeking to block young software engineers at the agency built by Elon Musk from having access to confidential government data. In his complaint, Mr. Borges said DOGE members copied the data to an internal agency server that only DOGE could access, forgoing the type of “independent security monitoring” normally required under agency policy for such sensitive data and creating “enormous vulnerabilities.”
But his disclosure stated that as of late June, “no verified audit or oversight mechanisms” existed to monitor what DOGE was using the data for or whether it was being shared outside the agency. That kind of oversight would typically be provided by the agency’s career information security professionals, Mr. Borges said in his account.
And his complaint cites an official agency security assessment that described the project as “high risk” and that warned of “catastrophic impact” to Social Security beneficiaries and programs if the database were to be compromised.
4 replies
= new reply since forum marked as read
= new reply since forum marked as read