(CNN) — Department of Government Efficiency employees at the Social Security Administration put the records of more than 300 million Americans at risk by creating a copy of the data in a vulnerable cloud computing server, the agency’s chief data officer said in a whistleblower complaint filed Tuesday.

The copy of the agency’s database – which contains people’s names, Social Security numbers, dates of birth, addresses, citizenship status, parents’ names and other personal information – “apparently lacks any security oversight from SSA or tracking to determine who is accessing or has accessed the copy of this data,” according to Charles Borges, whose whistleblower disclosure was submitted by the Government Accountability Project to the Office of Special Counsel and congressional committees.

“Should bad actors gain access to this cloud environment, Americans may be susceptible to widespread identity theft, may lose vital healthcare and food benefits, and the government may be responsible for re-issuing every American a new Social Security Number at great cost,” according to the complaint, which was first reported by the New York Times.

Borges reported his concerns – “a disturbing pattern of questionable and risky security access and administrative misconduct” – to the office of the agency’s chief information officer but is not aware of any remedial action being taken, the complaint said. He has served as Social Security’s chief data officer since January 27.

Maintaining the privacy and security of people’s personal information has been a major concern since the Trump administration allowed Elon Musk’s DOGE team to embed in multiple federal agencies, including Social Security. Former officials have raised red flags about DOGE’s need to access and handling of the records.

A coalition of labor and advocacy groups sued to stop DOGE from gaining access to people’s Social Security records, but the Supreme Court in June allowed DOGE to review the data in its stated effort to root out fraud and modernize the agency’s technology. Musk had repeatedly raised the specter of fraud within the agency, noting that it had impossibly old people in its files, for instance.

The Social Security Administration said Tuesday it takes all whistleblower complaints seriously and noted that it stores all personal data in secure environments with robust safeguards.

“The data referenced in the complaint is stored in a long-standing environment used by SSA and walled off from the internet,” Nick Perrine, an agency spokesperson, said in a statement. “High-level career SSA officials have administrative access to this system with oversight by SSA’s Information Security team. We are not aware of any compromise to this environment and remain dedicated to protecting sensitive personal data.”

The-CNN-Wire
™ & © 2025 Cable News Network, Inc., a Warner Bros. Discovery Company. All rights reserved.