Additional Coverage:
Whistleblower Alleges Social Security Numbers Exposed on Unsecured Server
A bombshell whistleblower complaint alleges that the entire database of U.S. Social Security numbers was uploaded to an unsecured server in June, potentially exposing the personal information of over 300 million Americans.
Chuck Borges, Chief Data Officer at the Social Security Administration (SSA), filed the complaint on Tuesday. He claims the data, including names, birthdates, addresses, parental information, and Social Security numbers, resides in a “vulnerable cloud environment” lacking proper agency oversight and access tracking. The complaint warns of potential “widespread identity theft” and disruption of vital benefits like healthcare and food assistance should this data fall into the wrong hands.
Borges alleges he raised these concerns internally with no apparent action taken. He maintains the server is vulnerable and lacks adequate security measures.
The SSA, however, insists the data is safe. In a statement, an agency spokesperson asserted that the data is stored in a “long-standing environment” separate from the internet and protected by “robust safeguards.” They emphasized that access is limited to senior officials under the supervision of the SSA’s Information Security team and that they are unaware of any security breaches.
Borges, a Navy veteran, assumed his role at the SSA in January 2025, having previously served at the General Services Administration, the Office of Management and Budget, and the Centers for Disease Control. This complaint raises serious questions about the security of sensitive personal data and will undoubtedly prompt further investigation.