BigTech Companies Cybersecurity Newswire Technology

Trump Administration Denies Social Security Data Breach

September 17, 2025Last Updated: September 17, 2025

2 minutes read

Protestor holds a sign reading "DELETE DOGE" with an X over Elon Musk's face. — NEW YORK, NEW YORK - MARCH 19: People hold signs as they hold an "informational picket" over DOGE's reductions to the federal workforce outside the Jacob K. Javits Federal Office Building on March 19, 2025 in New York City. Federal workers and supporters from affected federal agencies, labor leaders, elected officials, and consumer advocates protested Elon Musk's Department of Government Efficiency (DOGE) and the firings of federal workers. (Photo by Michael M. Santiago/Getty Images)

▼ Summary

– The Trump administration denied a whistleblower’s claim that SSA officials copied the NUMIDENT database to an insecure cloud system, stating it is stored on a secured server.
– SSA Commissioner Frank Bisignano confirmed that the Numident database has not been accessed, leaked, hacked, or shared in any unauthorized fashion.
– The agency continuously monitors its systems and has not detected any unauthorized access or data compromise incidents involving the Numident database.
– The whistleblower alleged that DOGE officials created a live copy of Social Security information in a cloud environment that circumvents oversight and lacks security controls.
– Bisignano clarified that SSA has stored personally identifiable information in AWS for nearly 10 years and does not have a private cloud within its secure AWS environment.

The Trump administration has issued a more detailed denial in response to a whistleblower’s claim that officials at the Social Security Administration improperly copied a sensitive national database to an unsecured cloud system. The allegations involve the Numerical Identification System (NUMIDENT), which holds vast amounts of Americans’ personal identification data.

In a letter addressed to Senate Finance Committee Chairman Mike Crapo, the agency refuted the claims, stating that the location referenced in the report is in fact a secured server within the agency’s cloud infrastructure. This server, according to the administration, has historically stored such information and is subject to continuous oversight and monitoring, standard procedure for the SSA.

The correspondence was authored by Social Security Commissioner Frank Bisignano, a Trump appointee and former Fiserv CEO. It was prepared in direct response to a request for clarification from Senator Crapo.

Bisignano emphasized that a comprehensive review confirmed no unauthorized access, leakage, hacking, or sharing of the Numident database had taken place. He further noted that the SSA maintains ongoing surveillance of its digital systems to identify any potential security breaches, and no incidents involving the Numident have been detected.

This rebuttal follows earlier reports in which former SSA Chief Data Officer Chuck Borges alleged that certain officials had established a live replica of the nation’s Social Security records in a cloud setting that evaded standard oversight protocols. The Government Accountability Project, which is representing Borges, informed congressional members and the Office of Special Counsel that this environment was highly vulnerable and appeared to function as a full copy of the NUMIDENT database, allegedly lacking security supervision or access logging.

In his response, Bisignano clarified that the SSA has utilized Amazon Web Services for nearly a decade to house personally identifiable information. He explicitly stated that the Numident database was never moved to a private cloud server within the SSA’s AWS environment, adding that the agency does not maintain a private cloud segment inside its secured AWS infrastructure.

(Source: Ars Technica)