As an Amazon Associate I earn from qualifying purchases.
Disregard the DOGE behind the drape
Democratic report explains Social Security danger and deceptive DOGE workplaces.
A demonstration versus President Donald Trump and Elon Musk in New York on February 19, 2025.
Credit: Getty Images|Pacific Press
Numerous whistleblowers declared that DOGE published an extremely delicate Social Security Administration(SSA)database to an unmonitored cloud environment, according to a report by Senate Democratic personnel. The personnel report explains an examination into DOGE activities at 3 companies, consisting of a website check out at the General Services Administration (GSA)in which DOGE authorities seemed concealing specific locations from view.
As we reported last month, then-SSA Chief Data Officer Chuck Borges declared that DOGE authorities produced “a live copy of the country’s Social Security information in a cloud environment that circumvents oversight.” A minimum of another whistleblower has actually obviously made the very same claims.
Whistleblowers, consisting of Borges, declared “that Edward Coristine, the 19-year-old DOGE staffer who was previously fired from a job for leaking company data to a competitor, and other DOGE personnel had been granted permission to move highly sensitive SSA data into an unmonitored cloud environment,” the Senate Democratic report stated. “The whistleblowers said that DOGE has uploaded a live copy of NUMIDENT, which contains highly sensitive personal data on anyone who has held a social security number, including every American. This includes social security numbers (SSNs), place and date of birth, work permit status, and parents’ names, among other sensitive personal information, for all Americans, to a cloud environment.”
SSA Chief Information Officers Michael Russo and Aram Moghaddassi, who are referred to as “DOGE-affiliated,” apparently “granted approval for the data move despite a June 12, 2025 internal risk assessment flagging a high level of risk and potentially catastrophic impact to SSA beneficiaries and SSA programs absent additional controls to safeguard against unauthorized access,” the report stated.
That internal threat evaluation by SSA staff members “evaluated the likelihood of such catastrophic impact to be between 35 and 65 percent,” with the capacity for prevalent disclosure of personally recognizable info, the report stated.
Windows “quickly covered with black garbage bags and tape”
Democratic staffers examined DOGE activities at the SSA, GSA, and Office of Personnel Management (OPM), leading to the report composed by personnel for Democrats on the Senate Homeland Security & & Governmental Affairs Committee. The report slammed the firms for an absence of cooperation.
“None of the agencies have allowed meetings with representatives from agency DOGE teams. In the DOGE spaces staff were permitted to view, armed guards controlled access to work and living spaces, rooms were locked, and office windows appeared to have been hastily covered with black trash bags and tape,” the report stated.
At the GSA structure, “officials refused to show staff at least six offices that GSA had allowed DOGE to convert into bedrooms,” and declined to reveal personnel the firm’s Starlink broadband devices, the report stated. In another circumstances explained by the report, “GSA officials said they did not have the key to open a locked room that had windows covered with black paper, trash bags, and tape. When staff asked why the most senior officials in offices charged with building management and security could not open an office door, GSA could not provide an answer.”
The report stated that throughout a website see at the SSA structure, the DOGE office was safeguarded by armed security. “SSA officials providing the tour confirmed that this level of security was unusual,” the report stated. “When staff asked why the additional security for the DOGE workspace was needed, Mr. [Dan] Callahan [the Assistant Commissioner for Building and Facilities Management] said that DOGE staff were concerned about threats to their safety. Staff asked whether these were direct threats and whether officials informed law enforcement. Officials explained that there had not been a specific threat, rather that some DOGE staff felt threatened based on a communication with an SSA employee that ‘included cursing.'”
Aside from the security personnel, the DOGE workplaces seemed empty on a Thursday afternoon, the report stated. Senate personnel were informed “that DOGE staff had telework agreements with the agency. SSA officials confirmed that DOGE were the only individuals who had this approved telework structure in the entire CIO’s office. SSA officials could not answer questions about the telework agreements, including a reason for the telework exception and who approved the agreements.”
Sen. Gary Peters (D-Mich.), the Homeland Security & & Governmental Affairs Committee’s leading Democrat, stated that “DOGE isn’t making government more efficient—it’s putting Americans’ sensitive information in the hands of completely unqualified and untrustworthy individuals. They are bypassing cybersecurity protections, evading oversight, and putting Americans’ personal data at risk.”
Agencies didn’t respond to lots of concerns, report states
SSA Commissioner Frank Bisignano formerly rejected the whistleblower claims in a letter to Senate Finance Committee Chairman Mike Crapo (R-Idaho). The cloud environment “is actually a secured server in the agency’s cloud infrastructure which historically has housed this data and is continuously monitored and overseen—SSA’s standard practice,” the letter stated.
The Senate Democratic personnel report stated the firms did not respond to much of the concerns positioned throughout the examination:
In reaction to these concerns, senior authorities at SSA, GSA, and OPM all stopped working to supply details about who supervised; what conduct DOGE groups were taken part in; and what information those groups had actually been admitted to, consisting of the authorities and constraints assisting their gain access to. None of the firms might respond to easy concerns about organizational charts and staff member functions. Throughout oversight journeys, GSA and OPM would not even straight acknowledge the presence of their DOGE groups– in spite of the reality that Executive Order 14158 needs each company to have a DOGE group consisted of a minimum of 4 individuals. At the OPM website check out, authorities supplied personnel with info that straight opposed court files submitted on the firm’s behalf … None of the companies have actually reacted to personnel’s follow-up concerns, consisting of whether they remain in compliance with federal law.
The Senate personnel report stated that OPM’s “political leadership were determined to deny any existence of DOGE at the agency,” regardless of proof to the contrary. When personnel went to OPM, workplaces were primarily empty and “leadership had difficulty answering a series of basic questions about the agency’s organization and staffing,” the report stated.
When called by Ars today, the SSA did not offer any brand-new reaction to the Senate personnel report however rather pointed us to the Bisignano letter that we blogged about recently.
“I can confirm, based on the agency’s thorough review, that neither the Numident database nor any of its data has been accessed, leaked, hacked, or shared in any unauthorized fashion,” Bisignano composed in the letter. “SSA continuously monitors its systems for any signs of unauthorized access or data compromise, and we have not detected any such incidents involving the Numident database.”
An OPM representative stated in a declaration offered to Ars today, “OPM takes its responsibility to safeguard federal personnel records seriously. This report recycles unfounded claims about so-called ‘DOGE teams’ that simply have never existed at OPM. Federal employees at OPM conduct their work in line with longstanding law, security, and compliance requirements. Instead of rehashing baseless allegations, Senate Democrats should focus their efforts on the real challenges facing the federal workforce. OPM remains committed to transparency, accountability, and delivering for the American people.”
We called the GSA today and will upgrade this post if it offers an action.
Report alerts enemies might hack database
While there’s no reported breach, the Senate Democratic report cautioned that the SSA’s cloud environment might be hacked by foreign foes, consisting of “Russia, China, and Iran, who regularly attempt cyber attacks on the US government and critical infrastructure.”
The report advised the Trump administration to “immediately shut down the new cloud environment at SSA that contains NUMIDENT data,” and take other actions such as withdrawing DOGE access to individual information “until agencies certify that all agency personnel are in compliance with the Federal Information Security Management Act (FISMA), the Privacy Act, the Federal Records Act.” Democrats’ capability to affect the administration is restricted at best, especially with Republicans holding bulks in both the House and Senate.
DOGE looked for access to Social Security information as part of an effort to discover proof of scams. A federal judge composed in March that DOGE “is essentially engaged in a fishing expedition at SSA, in search of a fraud epidemic, based on little more than suspicion.” In June, the Supreme Court permitted DOGE to gain access to SSA records, reversing lower-court choices that enforced some limitations on information gain access to.
Jon is a Senior IT Reporter for Ars Technica. He covers the telecom market, Federal Communications Commission rulemakings, high speed broadband customer affairs, lawsuit, and federal government policy of the tech market.
84 Comments
Learn more
As an Amazon Associate I earn from qualifying purchases.
