[Privacy] 300 Million Americans personal data stolen from Social Security office

Gonna need more than a bunch of random tweets there, chief.

 

Does it matter? Let's just blame Trump..... That's what it's going to boil down to anyways....

 

Millions of Americans’ Social Security Data Put at Risk by DOGE, a Whistleblower Says. Here’s What to Know

The private information of hundreds of millions of Americans is at risk after the Department of Government Efficiency uploaded a copy of a vast Social Security database to a cloud server in June, according to a whistleblower complaint from the chief data officer for the Social Security Administration.


The vulnerable DOGE server contains the information of every American who has applied for a Social Security card, including the applicants’ names, dates of birth, citizenships, ethnicities, phone numbers, addresses, and other personal information, potentially compromising the security of over 300 million Americans, according to the complaint, filed by Charles Borges to the Office of Special Counsel and members of Congress.

“Should bad actors gain access to this cloud environment, Americans may be susceptible to widespread identity theft, may lose vital healthcare and food benefits, and the government may be responsible for re issuing every American new Social Security Number at great cost,” the complaint reads.

What is the database DOGE allegedly copied?
DOGE transferred Social Security information from the Numerical Identification System (NUMIDENT) database to an internal server only DOGE could access, according to the complaint.


NUMIDENT contains all required information on applications for a United States Social Security card. Nearly 550 million Social Security numbers had been issued as of earlier this month.

What potential risks do Americans face?
When asked about Borges’ report that DOGE copied sensitive NUMIDENT data into an unsafe server, the Social Security Administration told TIME in a statement that “Commissioner Bisignano and the Social Security Administration take all whistleblower complaints seriously.”

It went on to state that “SSA stores all personal data in secure environments that have robust safeguards in place to protect vital information. The data referenced in the complaint is stored in a long-standing environment used by SSA and walled off from the internet. High-level career SSA officials have administrative access to this system with oversight by SSA’s Information Security team. We are not aware of any compromise to this environment and remain dedicated to protecting sensitive personal data.”


But the whistleblower report, filed by lawyers at the Government Accountability Project, a whistleblower protection group, highlights concerns over a lack of “independent security controls” for the server, “including independent tracking of who is accessing the data and how they are using it.”

Borges’ claim also stated that “no verified audit or oversight mechanisms existed” for the DOGE server.

“This kind of misuse I have not seen from the federal government,” said Susan Landau, a professor of cybersecurity and policy at Tufts University, calling the alleged move to put such sensitive information at risk a “cowboy act.”

If this information were accessed, scammers could more convincingly extort or deceive individuals, according to Landau.

She explained that if bad actors gained access to an individual’s NUMIDENT information, they could easily find additional sources of personal information and create a holistic profile on the person that could be used to impersonate official entities such as banks, or lure people into ponzi schemes.


Landau also warned of the potential for harm if nations such as China or Russia were able to access DOGE’s Social Security cloud.

“I'm appalled,” Landau added. “The federal government, over the last 20 years, has really worked hard to protect this data. Now … what appears to be going on is creating more and more of the data available in one place. And that's not a good security practice. And to put it on an insecure server is downright crazy.”

Herbert Lin, a fellow in cyber policy and security at Stanford University, expressed concerns about the fact that access to Social Security data has been expanded to DOGE employees and is not only accessible through federal channels.

“The situation is worse now because more people have potential access to it,” Lin said. “I don't know who they hire, and if anybody does, let me know. But that's the issue.”

Lin also sees the question of the legality of DOGE’s ability to interfere with federal agencies as a key issue in the relocation of data that was once solely protected by the Social Security Administration.


“I mean, the fact that its authority doesn't come from an act of Congress matters to me,” Lin said. “I think it should matter to anybody.”

How is the government responding?
Borges’ complaint outlines his internal whistleblower activity, saying he disclosed to his superiors that the re-issuance of Social Security Numbers to Americans whose data was leaked was a “worst-case outcome.” Following his various internal complaints, Borges has not received information to “indicate that the cloud environment hosting the American public's NUMIDENT data is protected by best practice and industry standard independent security controls,” according to the report.

The Office of General Counsel has additionally advised employees not to respond to Borges’ multiple inquiries into the security and risks of the DOGE Social Security server, the complaint alleges.

Borges is expected to meet with an oversight committee and members of Congress to discuss his findings.


TIME has reached out to DOGE for comment.

https://time.com/7312556/doge-social-security-data-whistleblower-complaint/

 

if you don't think so, i have a bride in Az to sell you

where the buck stops!



DOGE was another one of many of the dotard's ill-conceived ideas

• tariffs and the many TACO back-pedalings
• ingesting cleaning solutions to fend off COVID
• targeting/separating children from migrant families who crossed the border
• naming
  • the former heroin addict RFK to head Health Service
  • Assad sympthyzer and voting fraud criminal Tulsi Gabbard to be DNI
  • a habitual DUI abuser to head Dept of Defense

 

Are you saying the POTUS, who enabled DOGE to operate with no oversight, no transparency, and no security is not blameworthy?

Look, this isn't at all surprising. Go back to the doge thread and see what I posted about how we will later find out that our private data was at best, leaked due to weak security, or at worst, stolen. So this isn't at all surprising to see. The Whistleblower is saying millions of Americans' Social Security numbers are at risk because of DOGE's reckless operation. If DOGE and the administration is not to be blamed and held responsible, who is?

 

I just assume after Trump let Elon go nuts with DOGE that the Federal Government is now even tracking my bowel movements. The party of Reagan has truly died, and instead we are everything those anti communist fear mongers wouldn't stop yelling about.

When Reagan said "The nine scariest words are "I'm from the government, and I'm here to help" he really should have said "The nine scariest words are "I'm here to serve you an indictment because an 18 year old called Big Ballz from the federal government hacked your mortgage statements, and found you shorted the IRS 12 dollars... oh and we think YOU are a communist.... oh and ICE is around the corner to deport you to Venezuela because you wrote a mean tweet about Trump".

 

Who setup DOGE, and allowed Elon and Big Ballz the ability to hack the entire federal government database, and take that with them to do god-knows what???

Serious question.... Who setup DOGE?? Why wouldn't that person be blamed for this??

 

Is this as concerning as Hillary’s email server?

 

The people that voted him into office?

 

Who has bigger balls: Hillary or Big Balls?

 

Hey man, if they stop blaming Trump, your not going to have anything to defend him from

And then what are we doing? Nothing? Being bored, losing our interactions, losing our sense of community. Becoming lonely. Hell no man, that sounds awful. This is trumps fault you son of a b****. <3

 

fify

 

The people that didn't vote?

No to both.

 

You just picked a tough one to become captain save a bro for is all, it will pass.

 

Why are you suddenly concerned with private data now, as if the tech industry hasn't already had access to it and abused it for years? As if marketing and ad agencies, who are 90% liberal, haven't used every dirty trick in the book to gain the data they need for targeted ads?

Are you saying Obama is not blameworthy for Cambridge Analytica, who primarily stole data in 2014 from an app developed in 2013?

As of December 2015, CA claimed to have collected up to 5,000 data points on over 220 million Americans.

Why the sudden concern?