Dem
47
GOP
53
Back during the Day of the DOGE, a lot of people were worried that Elon Musk and his merry band of DOGEys (remember them?) would steal confidential data they got access to. Now a whistleblower is claiming that the fears were real and one of the DOGEys copied sensitive Social Security data onto a USB stick and is sharing that with his new employer, a government contractor. The allegation is serious enough that the Social Security Administration's inspector general is investigating the claim and has informed the top members of four congressional committees.
A reporter at The Washington Post spoke with the whistleblower and learned that a former software engineer who worked for the now-defunct DOGE had access to two key SS files, "Numident" and the "Master Death File." Together, they had records of 500 million living and dead Americans, including names, SS numbers, dates and places of birth, citizenship, race, and information about parents. Assuming each record is under 2 KB, the entire database would fit in under 1 TB. USB sticks with a capacity of 1 TB are commercially available for under $100, so stealing the entire database and putting it on a USB stick is certainly possible. According to the claim, the theft occurred in early January.
The engineer supposedly asked another colleague to help him, but the colleague refused because he knew copying the data was illegal. The thief didn't see that as a problem because he expected a presidential pardon if he was caught. After leaving government service, he foolishly bragged to others that he had the data and "God-level" security access to the SSA systems no other SSA employee has.
The SSA system is 60 million lines of COBOL that runs on IBM mainframes. And yes, mainframes are still here. The IBM z17 was introduced in June 2025, runs a virtual machine monitor (z/VM) on the bare metal, and can support thousands of virtual machines running either z/OS or Linux as guest operating systems. The z17 can run unmodified 1960s COBOL programs, just thousands of times faster than the old IBM System/360 could. A high-end z17 can process hundreds of thousands of transactions/sec.
Normally, access to the SSA database is extremely limited, but that good ol' security-conscious Supreme Court allowed Elon Musk and his merry band of hackers full access because, well, the president is like a king and if he says they can have it, then they can have it.
But it gets worse. Rep. Robert Garcia (D-CA), the ranking member of the House Oversight Committee, said: "Not only has an ex-DOGE bro been accused of running around with the Social Security information of every American on a flash drive, he also may have the ability to edit and manipulate data at the Social Security Administration at will. This is dangerous and outrageous, and Oversight Committee Democrats will fight for transparency and accountability." Good luck with that.
How might the data be misused? Since they contain citizenship information, a contractor hired to ferret out noncitizen voting could possibly change the citizenship status of people in carefully selected zipcodes to "noncitizen" and then use the modified data to pressure states into removing these people from the voting rolls.
Is there any way to know how many copies of the USB stick have been made and where they are now? Uh, no.
Are Democrats aware of this situation? Yes. The ranking member of the Senate Finance Committee, Ron Wyden (D-OR), issued this statement yesterday: "These allegations describe one of the largest known data breaches in American history, perpetrated by Trump appointees for the explicit purpose of weaponizing Americans' sensitive personal data for political gain. There must be a full public accounting of this breach at Social Security, including justice for anyone who committed or enabled criminal theft of Americans' data." Will Senate Republicans join Wyden? Will the DoJ go after the perps? Will pigs fly? (V)