Hundreds of millions of Americans are now at risk—and most don’t even know it.

In June, whistle-blower Charles Borges, Chief Data Officer at the Social Security Administration (SSA), discovered that the Elon Musk's Department of Government Efficiency (DOGE) had quietly uploaded the full Social Security database to a vulnerable cloud server.

This database, known as the Numident file, includes names, addresses, birth dates, and Social Security numbers for every person who has ever held one. In the wrong hands, it’s a blueprint for identity theft.

According to Mr. Borges’s formal complaint, this transfer happened with no independent security monitoring, no proper audit trail, and without oversight from SSA’s own cybersecurity professionals. A risk assessment warned of “catastrophic” impact if the data were exposed. Yet DOGE officials moved forward, bypassing policy and silencing internal objections.

Even now, the agency claims there’s no evidence of a data breach—but that’s not good enough. Americans deserve more than vague reassurances. We deserve answers. We deserve accountability.

Why was this data transferred against explicit warnings? Who authorized it? And why were the SSA’s own experts kept in the dark?

We are calling on:

The U.S. Congress, especially oversight committees,
The Office of the Inspector General at the SSA, and
The Government Accountability Office (GAO)
 

to launch a full, independent investigation into DOGE’s handling of the Numident database and to halt all further transfers of Social Security data until proper oversight and data security protocols are fully restored.

This isn’t about politics—it’s about protecting our personal information. A single reckless move put nearly every American at risk of identity theft, benefit disruption, or worse. We need to know that the agencies entrusted with our most sensitive data are not being overridden by unaccountable actors.