Copyright Newsweek
Social Security employees were crying in the office under the Department of Government Efficiency’s leadership, according to a former chief executive at the SSA. Charles Borges worked as the chief data officer for the Social Security Administration and sounded the alarms on Elon Musk’s DOGE updates, which he said threatened Americans’ data privacy, including personal information like names, birthdays and addresses. DOGE’s changes, including mass layoffs as well as its use of Americans’ private information, regularly caused employees to cry at work, Borges told The Washington Post. “I cannot count how many employees I saw cry, and that is at all levels of the agency, from executives downward,” Borges said. Why It Matters Around 70 million Americans rely on Social Security payments each month. Once President Donald Trump was elected, DOGE made significant cuts to many government agencies, including the SSA, which lost 7,000 employees in the process. What To Know Borges filed a whistleblower complaint in August, letting Congress know that the SSA’s cloud server had little oversight and was highly vulnerable to potential data hacks. After this complaint, Borges alleged he faced a hostile work environment and subsequently quit his job after several decades of working for the government. Social Security officials have said there’s no security risk, but other executives have also warned about the concerns in putting that sort of private information on a cloud server. “Prove me wrong,” Borges told The Washington Post. “The only way I feel like we’re going to get to that point is with continued public interest, continued public pressure, and I’m willing to lend my name.” In a letter to Senate Finance Chair Mike Crapo, SSA Commissioner Frank Bisignano said the SSA completed a thorough review and did not find evidence that Numident, the master database of around 500 million living and dead Americans was “accessed, leaked, hacked, or shared in any unauthorized fashion.” “The location referred to in the whistleblower allegation is actually a secured server in the agency’s cloud infrastructure which historically has housed this data and is continuously monitored and overseen — SSA’s standard practice,” Bisignano wrote. Borges spoke to The Washington Post about his continued concerns alongside former acting Social Security commissioner Leland Dudek, who confirmed that the cloud server DOGE used is not adequately protected. “That absolutely has been the problem with that environment since I’ve been with the agency, that it is too little secured,” Dudek said, according to The Washington Post. While Dudek said he never gave DOGE permission to add this data to the server, the SSA told Newsweek that Borges’ allegations are unfounded. “The unfounded allegations outlined in the complaint hinge on a risk assessment prepared for a project that never happened. To be clear, SSA has never placed Numident data in a testing or development environment. In reality, SSA leveraged its long-standing production environment that has been in use since 2016. The complaint is riddled with inaccuracies and shows a woeful misunderstanding of SSA’s secure environments,” SSA press officer Barton Mackey told Newsweek. “As we have stated publicly and in response to congressional inquiries, SSA's systems and data are secure and controlled under strict security protocols, consistent with Federal and industry standards, which we take great lengths to uphold and maintain. As part of these constant efforts, access to sensitive data is tightly controlled based on job requirements, the completion of required trainings, and leadership approval. There are no DOGE employees within CIO or at SSA, only SSA employees.” Borges began his job at the SSA just hours before a government-wide hiring freeze, and the data office was disbanded shortly after, with many employees unsure who to report to, he said. DOGE also instructed Social Security to add 6,100 living immigrants to a deaths database and falsely label them as deceased. Borges quit his position and wrote in a letter to Bisignano that “after reporting internally to management and externally to regulators serious data security and integrity concerns impacting our citizens’ most sensitive personal data, I have suffered exclusion, isolation, internal strife, and a culture of fear, creating a hostile work environment and making work conditions intolerable.” “I’m only a canary in a coal mine,” he told The Washington Post. What People Are Saying An SSA spokesperson told Newsweek: “We strongly dispute the claim made by the former acting commissioner and are confident in the security of our systems.” Caroline Raker, a registered Social Security analyst and owner of Clarity Financial, told Newsweek: “Protecting whistleblowers is essential to preserving government accountability. When individuals come forward to expose potential misuse or mishandling of sensitive information, they often do so at great personal and professional risk. Ensuring their protection isn’t just about fairness—it’s about safeguarding the integrity of the systems that affect millions of people.” Michael Ryan, a finance expert and the founder of MichaelRyanMoney.com, told Newsweek: "The former SSA Chief of Staff testified that DOGE's entire investigation was 'based on an inaccurate understanding' of Social Security data. When the data cop gets pushed out for raising alarms, that's a flashing red light. "Bottom line: This isn't a privacy debate; it's a financial security crisis. Every retiree, every disability beneficiary, every working American has skin in this game. The question isn't whether these claims have merit. That's not debatable. It's whether we're willing to gamble with the most sensitive database in America on an unproven cloud experiment." What Happens Next Raker said the scale of a potential data breach means millions of Americans could face privacy risks. “In this case what’s truly alarming is the scale of the potential breach,” she said. “If these allegations are proven true, millions of Americans with Social Security numbers could face devastating risks—including identity theft, financial fraud, and long-term privacy breaches. The protection of the personal data and security of everyday people who trust the government to keep their most sensitive information safe must be the main priority.”
