Topics

More from TechCrunch

DOGE uploaded live copy of Social Security database to ‘vulnerable’ cloud server, says whistleblower

Most Popular

Coinbase CEO explains why he fired engineers who didn’t try AI immediately

OpenAI lawyers question Meta’s role in Elon Musk’s $97B takeover bid 

YouTube Music celebrates 10 years with new features that help it compete with Spotify

Hackers who exposed North Korean government hacker explain why they did it

Google, sorry, but that Pixel event was a cringefest

Harvard dropouts to launch ‘always on’ AI smart glasses that listen and record every conversation

Google launches a new Pixel Journal app

Latest

AI

Amazon

Apps

Biotech & Health

Climate

Cloud Computing

Commerce

Crypto

Enterprise

EVs

Fintech

Fundraising

Gadgets

Gaming

Google

Government & Policy

Hardware

Instagram

Layoffs

Media & Entertainment

Meta

Microsoft

Privacy

Robotics

Security

Social

Space

Startups

TikTok

Transportation

Venture

Events

Startup Battlefield

StrictlyVC

Newsletters

Podcasts

Videos

Partner Content

TechCrunch Brand Studio

Crunchboard

Contact Us

DOGE uploaded live copy of Social Security database to ‘vulnerable’ cloud server, says whistleblower Zack Whittaker AM PDT · August 26, 2025 A top Social Security Administration official turned whistleblower says members of the Trump administration’s Department of Government Efficiency (DOGE) uploaded hundreds of millions of Social Security records to a vulnerable cloud server, putting the personal information of most Americans at risk of compromise.

Charles Borges, the Social Security Administration’s chief data officer, said in a newly released whistleblower complaint published Tuesday that other top agency officials signed off on a decision in June to upload “a live copy of the country’s Social Security information in a cloud environment that circumvents oversight,” despite Borges raising concerns.

The database, known as the Numerical Identification System, contains more than 450 million records containing all of the data submitted as part of a Social Security application, including the applicant’s name, place of birth, citizenship, and the Social Security numbers of their family members, as well as other sensitive personal and financial information.

Borges said members of DOGE, the team of former Elon Musk employees appointed to government under the guise of reducing fraud and waste, copied the sensitive database to an agency-run Amazon-hosted cloud server “apparently lacking in independent security controls,” such as who was accessing the data and how they were using it. 

The lack of security protections violated internal agency security controls and federal privacy laws, the complaint alleges. 

Borges said

Borges warned in the complaint that if this information were compromised, “it is possible that the sensitive [personally identifiable information] on every American including health diagnoses, income levels and banking information, family relationships, and personal biographic data could be exposed publicly, and shared widely.” 

The complaint said any compromise or unauthorized access to the database would have “catastrophic impact” on the U.S. Social Security program, describing a worst-case scenario as potentially having to reissue everyone’s Social Security numbers.

While a federal restraining order in March initially blocked DOGE

In the days that followed, DOGE allegedly worked to seek internal approvals from the agency’s top brass, per Borges’ complaint.

The agency’s chief information officer Aram Moghaddassi approved the move to copy the database to the agency’s cloud, saying he “determined the business need is higher than the security risk” and that he accepts “all risks” with the project. The complaint also says Michael Russo, a senior DOGE operative who previously served as the agency’s chief information officer prior to Moghaddassi but remains at the agency, also approved moving live Social Security data to the cloud.

Borges said he first raised issues internally at the agency but later blew the whistle to urge members of Congress to “engage in immediate oversight to address these serious concerns,” according to a statement

This is the latest accusation of poor cybersecurity practices

When reached

In an emailed response, Social Security Administration spokesperson Nick Perrine said the agency “stores personal data in secure environments that have robust safeguards in place to protect vital information.”

“The data referenced in the complaint is stored in a long-standing environment used

The spokesperson said the agency was “not aware of any compromise to this environment.”

Data breaches involving federal government data stored in the cloud are rare but not unheard of. In 2023, TechCrunch reported that the U.S. Department of Defense publicly exposed thousands of sensitive military emails online due to a security lapse. While the email data was stored in Amazon’s separate cloud dedicated for government customers, a misconfiguration allowed the contents of a military unit’s emails to publicly spill online.

Topics

Zack Whittaker Security Editor

Zack Whittaker is the security editor at TechCrunch. He can be reached via encrypted message at zackwhittaker.1337 on Signal. You can also contact him

October 27-29, 2025 San Francisco Put your brand in front of 10,000+ tech and VC leaders across all three days of Disrupt 2025. Amplify your reach, spark real connections, and lead the innovation charge. Secure your exhibit space before your competitor does.

Most Popular Coinbase CEO explains why he fired engineers who didn’t try AI immediately Julie Bort

OpenAI lawyers question Meta’s role in Elon Musk’s $97B takeover bid  Maxwell Zeff

YouTube Music celebrates 10 years with new features that help it compete with Spotify Sarah Perez

Hackers who exposed North Korean government hacker explain why they did it Lorenzo Franceschi-Bicchierai

Google, sorry, but that Pixel event was a cringefest Sarah Perez

Harvard dropouts to launch ‘always on’ AI smart glasses that listen and record every conversation Lorenzo Franceschi-Bicchierai Rebecca Bellan

Google launches a new Pixel Journal app Ivan Mehta

X LinkedIn Facebook Instagram youTube Mastodon Threads Bluesky TechCrunchStaffContact UsAdvertiseCrunchboard JobsSite Map Terms of ServicePrivacy PolicyRSS Terms of UseCode of Conduct Pixel 10Made © 2025 TechCrunch Media LLC.