EXCLUSIVE — The Social Security Administration (SSA) on Tuesday told lawmakers its systems are secure and pushed back on allegations from a former senior official who claimed the agency mishandled sensitive personal data.
In a letter to Senate Finance Committee Chairman Mike Crapo (R-ID), SSA Commissioner Frank Bisignano said the agency found no evidence that its Numident database, which contains personally identifiable information on nearly every American, had been “accessed, leaked, hacked, or shared in any unauthorized fashion.”
The inquiry stemmed from a complaint filed by Charles “Chuck” Borges, the agency’s former chief data officer, who alleged that officials tied to the Department of Government Efficiency (DOGE) created “serious data lapses” that put the information of more than 300 million Americans at risk.
In filings through the Government Accountability Project, Borges’ lawyers claimed DOGE officials built “a live copy” of Social Security data in a cloud environment that bypassed oversight, potentially exposing names, dates and places of birth, parents’ Social Security numbers, and citizenship records. Borges said his warnings to leadership were ignored, contributing to a hostile work environment and his resignation in August.
According to SSA, Borges raised his concerns internally on Aug. 6, after which senior executives, including the acting chief information security officer and chief legal counsel, reviewed the claims. The agency concluded the data in question had been stored on a secure server within SSA’s Amazon Web Services cloud infrastructure, where it has historically resided. Officials said the system is continuously monitored and subject to annual audits.
DOGE, established by executive order in January 2025 as part of the Trump administration’s effort to modernize government technology and reduce costs, has drawn scrutiny for seeking broad access to sensitive federal data. A federal judge temporarily blocked DOGE from accessing SSA systems in March, citing privacy and legal concerns, but the Supreme Court later lifted that block in June, allowing the program to resume access while litigation continues.
The response comes after Crapo’s Sept. 10 inquiry, which was prompted by disclosures from Borges. Bisignano emphasized that safeguarding personal data remains his highest priority. “I have been protecting personally identifiable information my entire career, and it has been and will continue to be my highest priority here at SSA,” he wrote.
SOCIAL SECURITY ADMINISTRATION REJECTS WHISTLEBLOWER COMPLAINT OF DOGE-RELATED LEAK
SSA also outlined its broader security protocols, including compliance with federal standards such as the Federal Information Security Modernization Act and oversight by a team of more than 300 cybersecurity professionals.