Doge uploaded live copy of Social Security database to 'vulnerable' cloud server
15 days ago
- #Social Security
- #Whistleblower
- #Data Breach
- A whistleblower from the Social Security Administration (SSA) revealed that the Trump administration's Department of Government Efficiency (DOGE) uploaded hundreds of millions of Social Security records to a vulnerable cloud server, risking the personal data of most Americans.
- Charles Borges, SSA's chief data officer, filed a complaint stating that top officials approved uploading the 'Numerical Identification System' database—containing 450M+ records with sensitive personal and financial data—to an insecure cloud environment.
- DOGE, a team of former Elon Musk employees, allegedly copied the database to an Amazon-hosted cloud server lacking proper security controls, violating internal and federal privacy laws.
- Borges warned that unauthorized access could expose sensitive personal information (e.g., health diagnoses, income, banking details) and have a 'catastrophic impact' on the Social Security program, potentially requiring reissuance of all Social Security numbers.
- Despite a federal restraining order initially blocking DOGE's access, the Supreme Court lifted it in June, allowing DOGE to proceed. SSA's CIO Aram Moghaddassi and former CIO Michael Russo approved the move, prioritizing 'business need' over security risks.
- Borges escalated concerns to Congress after internal warnings were ignored. The SSA claims the data is stored securely with oversight, denying any compromise.
- This incident follows broader accusations of poor cybersecurity practices under the Trump administration, including DOGE's control over federal datasets.
- Past cloud breaches, like the 2023 DoD email exposure on Microsoft Azure, highlight risks of misconfigured government cloud systems.