DOGE Put a Live Copy of Americans' Social Security Data on an Unsecured Server. No One Has Answered for It.

Resist Now 3 min read
Write or Call Your Rep

The single worst exposure of Americans’ personal data this year came from inside the government, not from a foreign hacker. DOGE, the cost-cutting operation that was disbanded in November 2025, had uploaded a live copy of the Social Security database to an unsecured third-party server, putting the personal information of millions of people within reach of anyone who found it, TechCrunch reported in its midyear review of the worst breaches of 2026.

Two senior House Democrats investigating the episode said it “could very well be the largest data breach in our nation’s history.” The database holds the Social Security numbers, earnings records, and identifying details Americans cannot simply change after they leak.

A Year of Systems Falling

The Social Security exposure did not happen in isolation. In April, the FBI declared a “major cyber incident” after one of its surveillance systems was compromised, an intrusion that may have exposed the phone numbers of people the bureau was tracking. Investigators attributed it to Chinese intelligence.

The softest targets are physical. Security researchers warn that U.S. water utilities, many without basic protections, are being probed, and Iranian-linked hackers have been cited as a rising threat to that infrastructure since the war. Total reported U.S. cybercrime losses reached $21 billion.

Government Data Is Only as Safe as the People Handling It

The pattern connecting these is not sophistication. It is care. A foreign spy service breaking an FBI system is a hard problem, but copying a live Social Security database onto an unsecured outside server is a self-inflicted one. It is the kind of mistake that basic rules, encryption, access limits, and a ban on moving live records off government systems, exist to prevent.

Those rules were sidelined for speed. DOGE moved fast through agency data systems, and the career staff who maintained the guardrails were among the roughly 7,000 workers cut from the Social Security Administration. When the people who know the safeguards are gone, the safeguards go with them.

No One Has Been Held to Account

The most striking number is zero. Congress has not held a single oversight hearing into how DOGE accessed and handled the data of nearly every American with a Social Security number. The Government Accountability Office already found that required security controls were missed.

An exposure this size normally triggers investigations, notifications to the people affected, and someone answering under oath. Here, the operation that caused it was quietly shut down, and the question of who is responsible has simply been left open.

What You Can Do Now

  1. Use the letter below to demand your senators and representative hold oversight hearings on how DOGE accessed and exposed Social Security data, and on who is now responsible for notifying and protecting the Americans whose information was left unsecured.

  2. Call your members of Congress at (202) 224-3121. Ask a specific question: has anyone been required to testify under oath about the Social Security data exposure, and if not, why not?

  3. Protect yourself while the government does not. Consider a credit freeze with the three major bureaus, which is free and blocks new accounts from being opened in your name if your Social Security number is exposed.

Sources


Write Your Rep ↓