A whistleblower has accused the Department of Government Efficiency (DOGE) of mishandling sensitive Social Security data, potentially exposing personal information of hundreds of millions of Americans, according to a report by The New York Times.
In a formal complaint, the whistleblower, Charles Borges, alleges that DOGE transferred the Social Security Administration’s entire database to a vulnerable cloud server—creating what Forbes describes as “enormous vulnerabilities.” The complaint warns that if malicious actors were to access the system, it could lead to widespread identity theft, disruption of healthcare and food benefits, and force the government to reissue Social Security numbers nationwide—a process that would be both complex and costly.
Borges, who joined the agency in January, clarified that there is no evidence the data has been breached. However, he emphasized that the lack of audits and transparency means there’s no way to verify how the data is being handled or whether it has been improperly accessed or shared.
An official risk assessment cited in the complaint labeled the project as “high risk.” Borges claims he was deliberately excluded from key meetings about the data transfer, and that the decision to move forward was made despite multiple internal warnings. He also alleges that senior officials with connections to Elon Musk’s companies signed off on the project, having advocated for DOGE to gain broad access to the confidential information.
Internal communications reviewed as part of the complaint indicate the upload was intended to improve data-sharing between government agencies. Borges has submitted his complaint to the Office of Special Counsel and members of Congress for further investigation.