WASHINGTON ― Personal information of more than 300 million Americans is at risk of being leaked or hacked after employees of the Department of Government Efficiency uploaded a sensitive Social Security database to a vulnerable cloud server, the Social Security Administration's chief data officer said in a whistleblower complaint.

DOGE's actions have effectively created "a live copy of the entire country’s Social Security information," lawyers for chief data officer Charles Borges alleged in the Aug. 26 complaint, which contends the information is on a server that lacks security oversight and a way to track who has accessed the data.

The data ‒ which Borges said was copied to a server that only DOGE employees could access ‒ includes all information required to apply for a Social Security card: Social Security numbers, names of the applicants, places and dates of birth, parents' names, race and ethnicities, citizenship, and other personal information.

"Should bad actors gain access to this cloud environment, Americans may be susceptible to widespread identity theft, may lose vital healthcare and food benefits, and the government may be responsible for re-issuing every American a new Social Security Number at great cost," attorneys for Borges wrote in the complaint, which was filed by the Government Accountability Project, a whistleblower protection group.

The Trump administration's DOGE, previously led by billionaire tech entrepreneur Elon Musk, took the federal government by storm in the early weeks of Trump's second term, fanning out across departments and agencies including the Social Security Administration to cut programs and identify employees to terminate.

DOGE began taking steps to move Social Security data to a cloud environment, according to Borges, shortly after the Supreme Court ruled on June 6 that DOGE employees can have complete access to the data of millions of Americans kept by the Social Security Administration. The high court paused a federal judge’s prior order blocking DOGE from immediately getting broad access to the data.

The complaint, reported first by the New York Times, cites possible violations of Social Security protocols and federal privacy laws. The complaint was addressed to the U.S. Office of Special Counsel and committee leaders in the U.S. House of Representatives.

The White House referred USA TODAY to the Social Security Administration when asked to comment.

A spokesperson for the department, in a statement, said the Social Security Administration and its commissioner, Frank Bisignano, "take all whistleblower complaints seriously" but rejected the concerns raised by Borges.

"The data referenced in the complaint is stored in a long-standing environment used by SSA and walled off from the internet," the statement said. "High-level career SSA officials have administrative access to this system with oversight by SSA’s Information Security team. We are not aware of any compromise to this environment and remain dedicated to protecting sensitive personal data.”

DOGE officials ignored security concerns and protocols, complaints says

Borges' complaint said former DOGE employee John Solly on June 10 requested the Social Security data be transferred to a new cloud. Only DOGE employees, not IT workers, would have access to the server.

Given the sensitivity of the data, cybersecurity officials within the department raised concerns about the arrangement. "Unauthorized access to the (data) would be considered catastrophic impact to SSA beneficiaries and SSA programs," one warning read.

Aram Moghaddassi, the Social Security Administration's chief information officer and a longtime ally of Musk, nevertheless on June 15 authorized a “Provisional Authorization to Operate” to upload the data to cloud. He wrote that, "I have determined the business need is higher than the security risk associated with this implementation and I accept all risks associated with this implementation and operation," the complaint says.

The request was later signed off by another DOGE employee, Michael Russo, on June 26, bypassing the agency's rules and protocols, according to Borges.

The complaint calls Moghaddassi's authorization "an abuse of authority" that constitutes a "gross mismanagement, substantial and specific threat to public health and safety, and potential violation of law."

"Moghaddassi circumvented independent security monitoring and authorized himself to 'assumethe risk' of holding a copy of the American public’s social security data in a potentially unsecured cloud environment," the complaint says. "In reality, it is the American people who assume the risk."

Since Musk's departure from the White House in May, DOGE's efforts to cut government spending have taken on a lower profile, yet DOGE employees remaining working across the federal government including in the Social Security Administration.

DOGE is set to end its work in the Trump administration in the summer of 2026 under an executive order the president signed in January.

Reach Joey Garrison on X @joeygarrison.

This article originally appeared on USA TODAY: DOGE put Social Security data of millions of Americans at risk, whistleblower says

Reporting by Joey Garrison, USA TODAY / USA TODAY

USA TODAY Network via Reuters Connect