A whistleblower has accused workers with the Department of Government Efficiency of putting as many as 300 million Social Security numbers at risk after they deposited sensitive personal information in a “vulnerable cloud environment.”
In a letter released Tuesday, Charles Borges, the chief data officer at the Social Security Administration, and an unidentified whistleblower allege that Aram Moghaddassi, SSA’s chief information officer, gave DOGE workers detailed to the agency the authority to construct “a live copy of the country’s Social Security information in a cloud environment that circumvents oversight.”
The whistleblower report said that this put “the security of over 300 million Americans’ Social Security data” at risk.
“This vulnerable cloud environment is effectively a live copy of the entire country’s Social Security information from the Numerical Identification System (NUMIDENT) database, that apparently lacks any security oversight from SSA or tracking to determine who is accessing or has accessed the copy of this data,” the whistleblower report states.
The database also includes private information that people would submit in an application for a United States Social Security card, including a person’s address, birth date, phone number, ethnicity and citizenship, according to the whistleblower.
“Should bad actors gain access to this cloud environment, Americans may be susceptible to widespread identity theft, may lose vital healthcare and food benefits, and the government may be responsible for re-issuing every American a new Social Security Number at great cost,” the report reads.
Frank Bisignano, the commissioner of the Social Security Administration, told The Hill in a statement that “SSA stores all personal data in secure environments that have robust safeguards in place to protect vital information. The data referenced in the complaint is stored in a long-standing environment used by SSA and walled off from the internet.”