Skip to main content

Did Elon Musks DOGE copy the entire Social Security database to an insecure cloud system? A whistleblower says it did.

Elon Musk wearing a DOGE shirt

The Social Security Administration's Chief Data Officer is blowing the whistle on President Donald Trump and Elon Musk's Department of Government Efficiency, better known as DOGE.

According to the Government Accountability Project, which is representing whistleblower Charles Borges, DOGE officials have risked the security of more than 300 million Americans by creating a "live copy of the country's Social Security information in a cloud environment that circumvents oversight."

SEE ALSO: Elon Musk's xAI sues Apple and OpenAI over App Store drama

Borges says that he became aware of "serious data security lapses, evidently orchestrated by DOGE officials, currently employed as SSA employees" in recent weeks, as the Social Security database was copied to an insecure live cloud system.

What did DOGE do with Social Security data?

The Government Accountability Project sent a letter detailing Borges' account of DOGE's actions to members of Congress and the U.S. Office of Special Counsel on Tuesday. The letter claims that DOGE "violated laws, rules, and regulations," as well as partook in "abuse of authority, gross mismanagement, and creation of a substantial and specific threat to public health and safety."

"This vulnerable cloud environment is effectively a live copy of the entire country's Social Security information from the Numerical Identification System (NUMIDENT) database, that apparently lacks any security oversight from SSA or tracking to determine who is accessing or has accessed the copy of this data," the letter says.

"NUMIDENT contains all data submitted in an application for a United States Social Security card — including the name of the applicant, place and date of birth, citizenship, race and ethnicity, parents' names and social security numbers, phone number, address, and other personal information. Should bad actors gain access to this cloud environment, Americans may be susceptible to widespread identity theft, may lose vital healthcare and food benefits, and the government may be responsible for re-issuing every American a new Social Security Number at great cost."

The letter also includes an email from July 15 from the DOGE-embedded SSA Chief Information Officer (CIO) Aram Moghaddassi signing off on the project.

Moghaddassi is quoted in the email as saying, "I have determined the business need is higher than the security risk associated with this implementation and I accept all risks associated with this implementation and operation."

As Ars Technica points out, Moghaddassi previously worked at Elon Musk's social media platform X and Musk's brain chip company Neuralink. Moghaddassi was onboarded into a government role through DOGE, originally embedded at the Department of Labor before becoming the CIO and the SSA around two months ago.

The Trump Administration created DOGE along with Elon Musk after Trump won the 2024 presidential election in a stated effort to eliminate waste, fraud, and abuse within the government.

However, DOGE quickly became embroiled in controversy. It accessed sensitive data without going through the proper security channels, cut lifesaving programs through the dismantling of USAID, and misinformed the public about its findings of so-called waste, fraud, and abuse.

DOGE's access to Social Security data has been known, and its handling of this data has been criticized. But this new revelation from whistleblower Borges that DOGE has created a live copy of the database has not been previously disclosed.

In their letter, Borges and the Government Accountability Project are urging Congress to investigate the matter.



from Mashable https://ift.tt/bn3NjGu
https://ift.tt/V82FGDY
Labels:

Comments

Post a Comment

Popular posts from this blog

When the clocks change for Daylight Saving Time, and why we do it at all

The clocks on our smartphones do something bizarre twice a year: One day in the spring, they jump ahead an hour, and our alarms go off an hour sooner. We wake up bleary-eyed and confused until we remember what just happened. Afterward, "Daylight Saving Time" becomes the norm for about eight months (And yes, it's called "Daylight Saving" not "Daylight Savings." I don't make the rules). Then, in the fall, the opposite happens. Our clocks set themselves back an hour, and we wake up refreshed, if a little uneasy.  Mild chaos ensues at both annual clock changes. What feels like an abrupt and drastic lengthening or shortening of the day causes time itself to seem fictional. Babies and dogs demand that their old sleep and feeding habits remain unchanged. And more consequential effects — for better or worse — may be involved as well (more on which in a minute). Changing our clocks is an all-out attack on our perception of time as an immutable law of ...
Post a Comment
Read more

Install Ngrok in Termux without error

  Install Ngrok in Termux without error 2022||ANISH SAHU|| Well Hello there welcome to techy Teacher Today in this Blog I will teach you how you can install or configured ngrok in Termux. What is Ngrok ? ngrok is a cross-platform application that allows developers to quickly and easily expose a local development server to the internet. The software system makes your locally hosted net server appear to be hosted on a subdomain of ngrok.com, which eliminates the need for a public science or a name on the native computer. What is Ngrok used for ? ngrok allows you to expose a web server operating on your local machine to the internet. Simply specify the port on which your internet server is listening to ngrok. Is Ngrok safe to use...? ngrok could be a tunnelling reverse proxy that establishes secure tunnels from a public termination to a regionally running network service while collecting and replaying all traffic. On GitHub, it's an associate degree ASCII text file project. Open rever...
1 comment
Read more