Elon Musk’s so-called “department of government efficiency” (Doge) copied and uploaded sensitive Social Security Administration (SSA) data to a vulnerable cloud server, potentially risking the safety of hundreds of millions of Americans and violating federal privacy laws, according to a whistleblower complaint filed on Tuesday.
The complaint from Charles Borges, the chief data officer at the SSA, alleges that Doge staffers effectively created a live copy of the entire country’s social security data from its numerical identification system database. The information is a goldmine for bad actors, the complaint alleges, and was placed on a server without independent oversight that only Doge officials could access.
“These actions constitute violations of laws, rules, and regulations, abuse of authority, gross mismanagement, and creation of a substantial and specific threat to public health and safety,” the complaint states.
The whistleblower complaint, first reported by the New York Times, is one of the most high-profile insider accounts of how Doge staffers have allegedly taken confidential government information and used it for their own ends, at great risk to the public. The database that Doge officials allegedly uploaded to the cloud contains highly personal information about hundreds of millions of US citizens and residents. It includes details such as names, place and date of birth, race and ethnicity, names of family members, phone numbers, addresses and social security numbers.
The Social Security Administration denied that the sensitive data had been compromised and stated that it takes all whistleblower complaints seriously.
“SSA stores all personal data in secure environments that have robust safeguards in place to protect vital information. The data referenced in the complaint is stored in a longstanding environment used by SSA and walled off from the internet,” an SSA spokesperson said. “We are not aware of any compromise to this environment and remain dedicated to protecting sensitive personal data.”
The non-profit Government Accountability Project whistleblower organization is providing Borges legal counsel in the case and filed his complaint with the US Office of Special Counsel, as well as members of Congress. The complaint calls on lawmakers to swiftly take action to safeguard public data and provide more oversight.
“Placing a live copy of Americans’ Social Security data in a cloud environment without independent oversight puts everyone with a social security number and their families at real risk of identity theft, interrupted benefits, and tax or medical fraud that can follow them for years,” said Andrea Meza, director of advocacy and strategy at the Government Accountability Project and the legal counsel on the case.
Borges is a career civil servant and navy veteran who joined the SSA in late January, and was previously chief data officer for naval air systems command. His complaint alleges that he repeatedly raised concerns with his superiors about Doge officials improperly accessing data but that no action was taken.
“Mr Borges spent weeks pressing for fixes inside SSA; when nothing changed, he used the protected channels federal whistleblower law provides,” Maza said. “We’re calling for immediate oversight and an independent audit to investigate these violations, prevent future problems, and restore required safeguards.”
Lawmakers and ethics watchdog groups, as well as former and current federal employees, have long accused Doge of accessing government data with a wanton disregard for security protocols and transparency. A separate whistleblower disclosure in April raised concerns that Doge employees had potentially exposed sensitive National Labor Relations Board information, and alleged it appeared that Doge employees attempted to cover up documentation of what data they accessed.
As Doge rapidly embedded its staffers across federal agencies earlier this year, it gained access to troves of information from a wide swath of government databases. Although reports have detailed how the agency is using some of that data to further the Trump administration’s immigration crackdown, there has not been a full accounting of why Doge has accessed the public’s data.
Comments