Feds now admit DOGE accessed personal data at Social Security, jeopardizing your privacy
-
Click here to listen to this article - Share via
- The government denied that DOGE had misused private data held by Social Security. Now it admits staffers did access private information.
Back in March, Social Security officials swore to a federal judge that members of Elon Musk’s DOGE team never had access to individuals’ personal information held at the agency, and certainly could not have misused it even if they had.
The Social Security Administration has now taken all that back.
In a “notice of corrections” filed Jan. 16 in a federal lawsuit brought by public employee unions alleging privacy violations by SSA under Trump, the agency confessed that DOGE staffers indeed had the access that it had previously denied.
We have warned from the beginning that DOGE had no business accessing this data and that no good could come of it.
— Max Richtman, National Committee to Preserve Social Security and Medicare
It acknowledged that DOGE staffers traded some of that information among themselves and transferred some of it to a non-Social Security server — and that even now Social Security can’t find out what information was raided.
At least some of the transfers took place while a court order barred DOGE from any data access. (Federal Judge Ellen Lipton Hollander of Maryland issued the order on March 20, but the Supreme Court suspended it on June 6, granting DOGE virtually unlimited access to the data while the lawsuit remains pending.)
The agency also admitted in its filing that two members of the DOGE team assigned to the Social Security Administration had contact with a political advocacy group seeking to overturn election results in several states, and that one signed a secret agreement to share Social Security data with the group.
The filing says the agency referred the two (unidentified) DOGE staffers to the Office of Special Counsel for possible violations of the Hatch Act, a 1939 law that bars civilian executive branch employees from engaging in certain political activities.
This in itself sounds like a joke. The Hatch Act is one of our most toothless federal statutes. Violators face nothing more serious than firing, reduction in salary grade, a ban on federal employment for up to five years, suspension, reprimand or a fine of up to $1,000. Since the DOGE staffers may already have left their government jobs, what would they care?
Trump is proposing to remove age as a factor in disability determinations. That could cost 750,000 Americans their benefits
The Social Security Administration’s sudden reversal of its earlier denials about DOGE’s rampage through its most sensitive records rattled Social Security advocacy groups. It should horrify the 185 million American workers paying into Social Security and the 69 million Americans receiving benefits, all of whom used to have confidence that the agency had robust protections of their personal information, but now may be exposed to identity theft and other privacy violations.
Advocates have been railing almost since the advent of the Trump term about potential breaches of Social Security privacy regulations, especially since an agency whistleblower, former data officer Charles Borges, warned Congress and went public about DOGE’s violations of data security protocols.
“We have warned from the beginning that DOGE had no business accessing this data and that no good could come of it,” says Max Richtman, president of the National Committee to Preserve Social Security and Medicare.
“This week’s revelations are just the tip of the iceberg,” says Alex Lawson, executive director of Social Security Works, who urged Congress to launch an investigation. “We need to know exactly who has our data and what they are doing with it.”
I asked Social Security Commissioner Frank Bisignano, who took office in May, for his reaction to the disclosures, but received no reply. Shortly after assuming his post, Bisignano told the Wall Street Journal that he planned to deploy DOGE staffers to help Social Security personnel revamp customer service. “I look at them as a resource to help me,” he said, having described himself as “fundamentally a DOGE person.” I asked if he still felt that way, but got no reply to that question either.
The “corrections” document bristles with lawyerly dodges asserting that agency officials were telling the truth, as they knew it, when they denied that DOGE was rummaging through private data.
On March 24, for instance, then-Commissioner Leland Dudek declared to Judge Hollander that DOGE “never had access to SSA systems of record,” but also that DOGE staffers’ access to any personally identifiable information had been revoked as of that day.
In fact, throughout the morning of that very day one DOGE team member ran searches for personally identifiable information in a highly sensitive agency database. DOGE’s access to the file wasn’t terminated until noon.
“SSA believed that statement to be accurate at the time it was made, and SSA believes it to be accurate today,” the agency said in its latest filing, referring to Dudek’s declaration. It just wasn’t “accurate” during the period when it wasn’t true.
Staff cutbacks and exposure of personal information are among the results of DOGE attacks on Social Security.
This is an obvious circumlocution. The government basically contends that willfully turning a blind eye to something you know is going on is tantamount to not knowing. That won’t do. Saying something is true when you know it to be false is lying.
The Social Security Administration had testimony in hand that on March 3 a DOGE staffer at the Social Security Administration emailed a file believed to contain names and addresses of 1,000 individuals to a senior DOGE official outside SSA.
Because the file is password-protected, however, “SSA has been unable to access the file to determine exactly what it contained.”
The agency also says that a DOGE team member was granted access to a system that allowed access to personal information for more than two months, from April 9 through June 11, well after Hollander issued her order.
Perhaps most seriously, the latest filing discloses that through early March, DOGE staffers were sharing Social Security data with each other via the third party service Cloudflare, which isn’t approved for storing Social Security data and isn’t subject to the agency’s privacy protections. The data may still be out there: Because it’s an outside service, “SSA has not been able to determine exactly what data were shared to Cloudflare or whether the data still exist on the server.”
Some of this contradicts the agency’s claim on March 24 that DOGE never had access to sensitive personal data and that no data had been transferred out of the agency’s privacy-protected sandbox. As early as March 7, the agency had reason to believe that wasn’t true: That’s the day former official Tiffany Flick filed a court declaration attesting to the DOGE team’s efforts to get that access. That should have been enough to tell agency officials that giving the judge a flat denial might not have been accurate, or wise.
The latest filing demolishes the timeworn claim that DOGE was infiltrated into Social Security in order to responsibly ferret out fraud and overspending. In truth, Musk and his DOGE minions mined Social Security data possibly for private purposes, while working to undermine confidence in the program.
As I reported earlier, however, their efforts to tell it like it is were confounded by their own ignorance.
For example, Musk’s eye-raising claim at a White House press briefing in March that benefit payments are being made to people as old as 150 years was the result of DOGE’s own incompetent misreading of Social Security’s software and was easily debunked; nevertheless, Musk’s claim was repeated in exaggerated form by Trump, a zombie factoid in the war on the social safety net.
Almost nothing in the corrective filing could come as a surprise to the Social Security Administration or the Department of Justice, which filed the document on Social Security’s behalf.
On March 7, former Social Security official Flick laid out in a court declaration how the agency was invaded by know-nothing DOGE employees who ran roughshod over agency rules and procedures designed to protect the confidentiality of private personal information about beneficiaries and their family members, as required by law.
Social Security master files that DOGE demanded and may have received, Flick stated, included “information about anyone with a Social Security number, including names, names of spouses and dependents, work history, financial and banking information, immigration or citizenship status, and marital status.”
How a DOGE team ran roughshod through the Social Security Administration, gaining access to personal data and putting benefit payments in jeopardy.
Borges, in his whistleblower declaration, wrote of being sidelined by DOGE staffers when he objected to their access to agency databases. Prevented from doing his job of overseeing privacy and security protocols, he says he was ultimately forced into resigning.
The Social Security Administration now claims that it didn’t have a grasp of actions by the DOGE team that were “potentially outside of SSA policy” or in violation of Hollander’s order until it reviewed records starting in October. It didn’t notify the Department of Justice, which is managing the government’s defense of the lawsuit over alleged privacy violations, until Dec. 10.
As for what steps Social Security officials are taking to retrieve personal data that DOGE may have sent into the world, the filing says only that “a review of the SSA DOGE Team’s actions is ongoing.”
There is no excuse for the dereliction of duty by Social Security officials in all this. Bisignano’s appointment as commissioner provoked misgivings about his suitability for the job among Social Security advocates. A former banker and CEO of a big payment processing firm, he told agency staffers, supposedly in jest, that his first move after receiving the nomination was to consult Google to find out what the job was.
He hasn’t set the Social Security world on fire since his appointment. In October, he added the post of CEO of the Internal Revenue Service to his government portfolio, raising questions about whether he has any time at all to deal with Social Security.
His silence about the latest disclosures, unfortunately, speaks volumes, none of them good. If people can’t trust Social Security to keep their privacy inviolate, confidence in the entire program may well be shattered. Sadly, that would be consistent with conservatives’ long war against this most popular and important government program, but maybe that’s what Trump has wanted all along.
Insights
L.A. Times Insights delivers AI-generated analysis on Voices content to offer all points of view. Insights does not appear on any news articles.
Viewpoint
Perspectives
The following AI-generated content is powered by Perplexity. The Los Angeles Times editorial staff does not create or edit the content.
Ideas expressed in the piece
DOGE improperly accessed private Social Security data that agency officials previously denied having reached, as confirmed in a corrective filing by the Department of Justice in January 2026[1][3]. The author argues this represents a fundamental breach of trust, particularly given that Social Security Administration officials had sworn under oath in March that DOGE staffers never had access to beneficiary information[1].
The Social Security Administration failed in its duty to protect sensitive personal information, including names, work histories, banking details, immigration status, and marital information belonging to 185 million workers and 69 million beneficiaries[1][4]. The filing reveals that DOGE employees transferred data to non-approved third-party services like Cloudflare and shared encrypted files containing approximately 1,000 individuals’ names and addresses with officials outside the agency, with the SSA unable to determine what information remains on external servers[1][3].
DOGE officials violated established data security protocols and bypassed privacy safeguards while operating within Social Security systems, suggesting their stated mission to identify fraud was a pretext rather than a genuine effort at administrative efficiency[1][2]. The author emphasizes that DOGE’s claims about finding widespread fraud were based on misunderstandings of Social Security’s software systems, as evidenced by their incorrect assertion that payments were made to people as old as 150 years[1][2].
The Hatch Act enforcement mechanism is inadequate to address the apparent political coordination between DOGE staffers and an advocacy group seeking to overturn election results, since violators face only dismissal, salary reduction, or minimal fines rather than criminal penalties[1][5]. Additionally, Social Security officials demonstrated dereliction of duty by not notifying the Department of Justice of DOGE’s policy violations until December 2024, despite having evidence as early as March 2025[1].
Allowing unelected officials with no Social Security expertise to access and potentially misuse beneficiary data threatens to shatter public confidence in a program that has reliably served Americans for 85 years without interruption[1][4]. The author suggests this effort aligns with broader conservative efforts to undermine the program rather than genuinely streamline operations[1].
Different views on the topic
Supporters of DOGE argue that the effort represents necessary action to eliminate wasteful government spending and reduce the federal deficit, with DOGE achieving over $55 billion in federal cuts including $232 million from the Social Security Administration through terminated contracts and program adjustments[2]. Proponents contend this aligns with the Trump administration’s mandate to reduce bureaucratic inefficiency and prioritize taxpayer resources[2].
DOGE advocates emphasize that their access to Social Security systems was limited to “read-only” permissions and that concerns about data misuse are speculative rather than supported by evidence of actual harm[2]. They dismiss critiques as resistance to accountability measures needed to identify improper benefit payments[2].
Supporters highlight DOGE’s focus on reducing spending on consulting contracts and other operational inefficiencies as a legitimate cost-cutting strategy, with some conservative figures arguing that demonstrating successful cuts might encourage Congress to institutionalize broader federal budget reductions[2]. Musk and Trump have framed DOGE’s activities as addressing long-standing fraud and program vulnerabilities that warranted investigation[2].
