日本語
한국어
Tiếng Việt
简体中文
A U.S. Senator is pressing the Social Security Administration (SSA) for urgent answers regarding a duplicated, critical taxpayer database and allegations of a hostile work environment for a whistleblower who raised concerns. This follows the involuntary resignation last month of the SSA’s former Chief Data Officer (CDO), Charles Borges, who cited workplace hostility stemming from his data security reports.
Senator Mike Crapo (R-Idaho), Chairman of the powerful Senate Finance Committee, has sent a stern letter to SSA Commissioner Frank Bisignano, demanding a comprehensive response within two weeks. However, one question carries an immediate deadline: whether the alleged duplicate database “was accessed, leaked, hacked, or disseminated in any unauthorized fashion.” Senator Crapo insists on receiving this information “immediately upon receipt of this letter,” underscoring the critical nature of the inquiry.
Borges’ whistleblower complaint centered on a cost-cutting unit, identified as DOGE, which he claimed had replicated the highly sensitive Numident database to an unmanaged test cloud environment. This environment, according to Borges, was not under his purview nor that of the SSA, and allegedly lacked proper oversight controls. The Numident database is crucial, housing records for every individual who has ever applied for a Social Security Card in the United States, making its security paramount.
“As Chairman of the Senate Committee on Finance, I must take very seriously every allegation made by a protected whistleblower,” Senator Crapo stated, emphasizing the gravity of the situation. He further added, “Given the large amount of sensitive data under SSA’s control, I consider the protection and security of PII (Personally Identifiable Information) held by the agency to be a matter of first importance.”
Beyond the Numident duplication, Borges’ complaint also detailed broader concerns about DOGE’s alleged “systemic data security violations,” as well as breaches of SSA protocols and federal data privacy laws during its tenure. His resignation letter articulated a breakdown of trust and an unsustainable work environment. “After reporting internally to management and externally to regulators serious data security and integrity concerns impacting our citizens’ most sensitive personal data, I have suffered exclusion, isolation, internal strife, and a culture of fear, creating a hostile work environment and making work conditions intolerable,” Borges wrote to Commissioner Bisignano. He asserted that the SSA’s actions rendered his duties impossible to perform ethically or legally.
In response to inquiries, the SSA provided a statement identical to one issued last month, skirting direct answers to Senator Crapo’s specific demands. An SSA spokesperson maintained, “We are not aware of any compromise to this environment and remain dedicated to protecting sensitive personal data.” The statement also claimed that Numident data is stored “in secure environments that have robust safeguards in place to protect vital information.” This generic response notably fails to address the security status of the *alleged unauthorized copy* of Numident specifically mentioned in the whistleblower complaint and Senator’s letter.
Senator Crapo’s letter also seeks detailed information on how the SSA handled Borges’ internal complaints, specifics about its cloud storage practices, and an assessment of the risks associated with agency employees having the capability “to transfer data from the Numident database to a private cloud within SSA’s AWS cloud environment.” The ongoing investigation highlights significant concerns regarding federal agency data security, whistleblower protection, and the critical need for transparency in safeguarding the sensitive personal information of American citizens.