DOGE May Have Exposed Millions of SSNs on Insecure Server
▼ Summary
– A Senate Democratic report alleges Elon Musk’s DOGE team has access to all Americans’ Social Security numbers on an insecure cloud server, despite a “catastrophic” risk assessment.
– The report, citing whistleblowers, states DOGE staff moved a live copy of this personal data to the cloud, allowing potential direct manipulation of the information.
– The exposed data reportedly includes birth details, work permit status, and parents’ names, with threats ranging from foreign adversaries to DOGE staffers themselves.
– The report describes DOGE operating with extreme secrecy, including armed guards, locked rooms covered with trash bags, and offices converted into private bedrooms.
– Senate Democrats are calling for the shutdown of DOGE’s cloud environment and revocation of its data access until agencies can certify compliance with privacy laws.
A recent Senate report from Democratic lawmakers raises serious alarms about the security of highly sensitive personal information belonging to millions of Americans. The document alleges that personnel associated with Elon Musk’s DOGE team have been operating a cloud server containing a live database of citizens’ private details, including Social Security numbers, without implementing verified protective measures. This situation persists despite an internal government assessment that explicitly warned of potentially catastrophic consequences should this data be compromised.
According to the findings released by Senator Gary Peters (D-MI), whistleblower disclosures indicate that DOGE staff transferred a functioning copy of this critical information to a cloud environment. The original risk analysis performed by the Social Security Administration concluded that moving such data without robust safeguards would be extraordinarily dangerous. The report emphasizes that this is not a test sample but actual “production data,” which could theoretically be altered or manipulated directly by those with access.
The scope of the exposed information is vast. Beyond Social Security numbers, the database is said to include individuals’ dates and places of birth, their work authorization status, and even their parents’ names. The potential threats are multifaceted, ranging from exploitation by foreign state actors like Russia, China, and Iran to insider risks posed by DOGE employees themselves. One individual named in the report, Edward Coristine, reportedly had unlimited access to the data despite a prior dismissal from an internship for leaking confidential material.
Oversight of this operation appears to have been severely lacking. Officials from the Social Security Administration, who are normally responsible for securing the agency’s cloud infrastructure, were reportedly unable to monitor DOGE’s activities. The report describes an environment of extreme secrecy, with armed guards controlling entry to workspaces. Whistleblowers described rooms that were kept locked, with windows covered by black trash bags and tape. The workspaces were said to be disorganized, featuring stacks of laptops and some offices converted into private living quarters complete with beds and large televisions.
In response to these findings, Senate Democrats are urgently calling on the administration to take immediate action. Their recommendations include shutting down the DOGE cloud environment entirely and revoking the team’s access to personal data until relevant agencies can confirm full compliance with federal privacy laws. They are also demanding full transparency regarding the exact nature and extent of the information to which DOGE employees had access.
The report concludes that the current arrangement presents an unacceptable risk, stating that DOGE’s secretive operations create significant cybersecurity vulnerabilities and opportunities for privacy violations. This environment, the lawmakers argue, could allow malicious actors to target Americans’ most sensitive information or be exploited for the private benefit of DOGE staff and their corporate associates.
(Source: The Verge)
