A senior official at the U.S. Social Security Administration today filed a whistleblower complaint over DOGE’s access to agency data.

The official, SSA Chief Data Officer Chuck Borges, is represented by the nonprofit Government Accountability Project. The whistleblower complaint is addressed to members of Congress and the U.S. Office of Special Counsel.

An SSA spokesperson pushed back against the complaint. “SSA stores all personal data in secure environments that have robust safeguards in place to protect vital information,” the spokesperson said in a statement. “The data referenced in the complaint is stored in a long-standing environment used by SSA and walled off from the Internet.”

Multiple DOGE, or Department of Government Efficiency, staffers joined the SSA at the start of the year. In March, a lawsuit led a federal court to block the staffers from accessing certain agency data. The Supreme Court reversed the decision in June.

At the center of today’s whistleblower complaint is an SSA database called NUMIDENT. It contains information from more than 300 million Americans’ Social Security card applications. Those applications include names, dates of birth, addresses and other personal data along with information about family members.

The complaint charges that DOGE staffers have created what is “effectively a live copy” of NUMIDENT in an insecure cloud environment. According to the document, SSA officials have no way of tracking who can access the database. Additionally, the system is believed to be managed by DOGE developers instead of an SSA infrastructure team called DIS that is required to operate such sensitive systems.

“Americans may be susceptible to widespread identity theft, may lose vital healthcare and food benefits, and the government may be responsible for re-issuing every American a new Social Security Number at great cost,” reads the complaint.

According to the document, DOGE started seeking access to SSA data a few days after the court order that prohibited it from doing so was lifted in June. When DOGE staffers asked to create a cloud-based copy of NUMIDENT, a career SSA official circulated a document known as a Risk Acceptance Request Form. The official described the request as “high-risk.”

“The primary risk here is that NUMIDENT becomes a high-value single point of compromise,” said Mayank Kumar, a founding AI engineer at cybersecurity company DeepTempo.  “A ‘live’ copy means transactional data is continuously updated, which increases the attack surface compared to a static archival dataset.”

The complaint states that Borges shared his concerns about the project with senior SSA officials on August 6. According to the document, one of those officials “noted” the possibility that “re-issuance of Social Security Numbers to all who possess one was a potential worst case outcome.” However, DOGE nevertheless proceeded with the project.

The complaint charges that the project breaches both the SSA’s internal policies and a piece of legislation called the FISMA. It goes on to ask lawmakers to launch an investigation into the matter.

“The scale and sensitivity of this data make it one of the most critical assets managed by the federal government, underscoring the importance of maintaining strong safeguards at every stage of its handling,” said Ryan Sherstobitoff, the field chief threat intelligence officer of cybersecurity software provider SecurityScorecard Inc. “This incident highlights the urgent need for continuous oversight, clear governance, and rigorous access controls in how sensitive data is managed and shared, especially when cloud infrastructure or third-party systems are involved.”

It’s unclear whether the insecure NUMIDENT database is connected to DOGE’s previously reported push to rewrite the SSA’s software. In March, sources told Wired that the initiative focused on the system the agency uses to process payments. DOGE reportedly planned to rewrite the software in a matter of months, which led experts to raise concerns that the project could lead to technical issues. 

Photo of SSA headquarters: Coolcaesar/Wikimedia