A senior official from the Social Security Administration (SSA) has raised serious concerns regarding the uploading of extensive Social Security data to a potentially insecure cloud server, placing the personal information of millions of Americans at risk. Charles Borges, the chief data officer at SSA, detailed these allegations in a whistleblower complaint made public on Tuesday, asserting that the decision was approved in June by senior officials despite his objections.
The data in question comes from the Numerical Identification System, encompassing over 450 million records linked to Social Security applications. This sensitive information includes personal details such as names, places of birth, citizenship status, and Social Security numbers of family members. Borges claims that the Department of Government Efficiency (DOGE), a group formed largely by former employees of Elon Musk, transferred this critical data to an agency-operated cloud server hosted by Amazon, which he argues lacks adequate security protocols.
According to Borges, the decision to grant DOGE administrative control over the cloud could enable public access to the sensitive information stored there, violating both internal agency security standards and federal privacy regulations. He emphasised the potential consequences of a data breach, warning that it could expose personally identifiable information (PII) for every American, which includes health history, income details, and other private data.
The whistleblower’s complaint further outlines the potentially disastrous fallout from any data compromise, suggesting it could necessitate the reissuance of Social Security numbers across the country. In a recent development, a federal restraining order that previously barred DOGE members from accessing the database was lifted on June 6, following Supreme Court involvement, allowing these operatives to pursue their objectives within the SSA.
Notably, SSA’s chief information officer, Aram Moghaddassi, approved the database transfer, asserting that the operational needs outweighed the associated security risks. Michael Russo, a senior DOGE figure who had previously held the CIO role at SSA, also sanctioned the data move.
Borges initially voiced his concerns internally before deciding to escalate the issue to Congress, advocating for immediate oversight to address these urgent vulnerabilities. This incident appears to be part of a broader pattern of cybersecurity concerns linked to the administration, which has seen DOGE exert significant control over various federal departments since January 2023.
In response to inquiries regarding the complaints, White House spokesperson Elizabeth Huston did not confirm if the administration was aware of the situation, deferring comments to the SSA. SSA spokesperson Nick Perrine defended the agency’s data management practices, asserting the security of its environments.
Historical data breaches involving federal data stored in cloud systems are relatively uncommon but have occurred, highlighting the critical need for robust cybersecurity measures across government platforms.
Fanpage: TechArena.au
Watch more about AI – Artificial Intelligence
