Washington, September 25, 2025 — A Senate report has accused the Department of Government Efficiency (DOGE) of exposing millions of Americans to unprecedented privacy and cybersecurity risks by storing highly sensitive personal data on an unsecured cloud server.
The report, issued by Sen. Gary Peters (D-Mich.), ranking member of the Senate Homeland Security Committee, warns that the mishandling could lead to a scenario where every American might eventually need to be issued a new Social Security number.
FutureCrime Summit 2026: Registrations to Open Soon for India’s Biggest Cybercrime Conference
Whistleblower Flags “Vulnerable Cloud Environment”
The revelations stem from a whistleblower complaint filed in August by Chuck Borges, the former chief data officer at the Social Security Administration (SSA). Borges alleged that DOGE staff created a “vulnerable cloud environment” that hosted critical SSA data without sufficient monitoring or security safeguards.
According to whistleblower disclosures, DOGE-affiliated officials Michael Russo and Aram Moghaddassi authorized the upload of live SSA data into the cloud environment, which included a full copy of the Numerical Identification Files (NUMIDENT). These files contain personal details of every individual ever assigned a Social Security number — including names, dates and places of birth, parents’ names, and SSNs themselves.
Risk of Catastrophic Data Breach
An internal SSA risk assessment estimated a 35–65% chance of a breach occurring, with a “catastrophic adverse effect” on individuals and national systems. Experts warn that a mass compromise of Social Security numbers would have sweeping consequences, disrupting access to healthcare, financial institutions, and essential government services.
“SSNs are the backbone for accessing all kinds of public and private services, from acquiring a driver’s license to going to the doctor,” the Senate report stressed. “If the entirety of U.S. SSN data was compromised, the possible impact on the economy could be enormous.”
Calls for Shutdown and Full Audit
The committee’s Democratic staff recommended immediate corrective action, including shutting down the cloud environment and conducting a comprehensive audit to assess whether breaches or data manipulation have already taken place.
However, the report also noted that due to the lack of agency oversight into the cloud system, it may never be possible to determine the full extent of potential damage.
“Americans must have confidence that their most sensitive information is protected,” Sen. Peters said, urging the SSA to prioritize security reforms and transparency.
