DOGE has compromised the social security data of millions of Americans

In what could be the biggest cybersecurity crisis in U.S. history, DOGE employees uploaded the entire Social Security database to a vulnerable cloud server, putting the personal information of hundreds of millions of citizens at risk.

According to a complaint filed by Charles Borges, the Social Security Administration’s (SSA) chief data officer, DOGE employees copied the Numident database, which contains all Social Security numbers issued in the United States, to an internal server in June without independent monitoring. The database contains full names, dates of birth, addresses, and parental information, making it an extremely attractive target for hackers.

1. Security experts warn that if compromised, the consequences could be catastrophic, from large-scale identity theft and loss of access to health or welfare benefits to the need to reissue new Social Security numbers for all Americans. Pete Luban of AttackIQ stressed that the leak could affect generations of citizens.

2. Despite the SSA’s claims of “secure storage environments,” experts point to a misconception about the security of cloud platforms. As Gabriel Hempel of Exabeam points out, without proper architecture, access control, and auditing, the cloud can be even more vulnerable than legacy on-premises systems.

3. Numident has been around since 1936 and contains information collected through the SS-5 form. It is a unique database that links data to every Social Security number issued. To date, the SSA has issued more than 548 million numbers, and the compromise of this array turns it into a “single point of critical risk.”

This is not the first scandal with DOGE: previously, whistleblowers have reported the destruction of key information systems at the National Labor Relations Board, which also led to the leakage of confidential data.

The Social Security Database leak highlights a deep crisis in the management of government data in the United States. Experts say that unless the government steps up monitoring and access controls, the leak could become a national disaster, and the reissuance of Social Security numbers could be a years-long process with enormous economic and social consequences.