日本語
한국어
Tiếng Việt
简体中文
Less than 30 minutes after the Social Security Administration’s (SSA) chief data officer formally resigned following an explosive whistleblower complaint, a crucial email detailing his departure mysteriously disappeared from employee inboxes. This unprecedented event has raised serious questions about transparency and data security within the federal agency.
On a recent Friday, Chuck Borges, the SSA’s chief data officer, reportedly sent an email to agency staff announcing his “involuntary” departure. In the communication, obtained by WIRED, Borges claimed he was being forced out of his position just days after filing a significant whistleblower complaint. He asserted that the SSA’s actions made his duties “impossible to perform legally and ethically,” leading to “constructive discharge” and severe personal distress.
Sources within the SSA confirmed to WIRED that the email vanished from employee inboxes shortly after its distribution. The reason for its sudden disappearance remains unclear, though one SSA staffer speculated it was removed due to its critical tone towards the agency’s Chief Information Officer (CIO) leadership.
This incident sparks concern given that US federal agencies are typically mandated by the Federal Records Act of 1950 to maintain internal records, including digital communications like emails.
Allegations of Sensitive Data Mishandling and Unsecure Cloud Uploads
Borges’s “involuntary resignation” is directly linked to a formal whistleblower complaint he lodged with the US Office of Special Counsel. In his complaint, Borges accused the Department of Government Efficiency (DOGE) of unlawfully uploading highly sensitive SSA data, which includes personal information and Social Security numbers belonging to millions of individuals, to an unsecure cloud server. He specifically alleged that transferring “live” SSA data outside of established agency protocols is illegal and creates a substantial risk of data breaches or leaks.
In his contentious resignation letter, Borges articulated his concerns: “Recently, I have been made aware of several projects and incidents which may constitute violations of federal statutes or regulations, involve the potential safety and security of high value data assets in the cloud, possibly provided unauthorized or inappropriate access to agency enterprise data storage solutions, and may involve unauthorized data exchange with other agencies.”
SSA Defends Data Security Practices
Responding to inquiries, SSA spokesperson Nick Perrine stated that the agency maintains robust safeguards for all personal data. Perrine clarified that the data referenced in Borges’s complaint is stored in a long-standing SSA environment, emphasizing it is “walled off from the internet” and accessible only by high-level career officials with oversight from the agency’s information security team.
However, Borges’s whistleblower complaint provided documents indicating that DOGE affiliate John Solly, working under the SSA, requested an agency employee copy data from Numident—a master SSA database containing lifelong records of SSN holders—to a “virtual private cloud,” identified as an Amazon Web Services server under SSA control. Edward Coristine was also implicated in this project.
The complaint further alleges “systemic data security violations, uninhibited administrative access to highly sensitive production environments, and potential violations of internal SSA security protocols and federal privacy laws” by DOGE personnel, specifically naming Edward Coristine, Aram Moghaddassi, John Solly, and Michael Russo. These actions, according to the complaint, constitute “abuse of authority, gross mismanagement, and creation of a substantial and specific threat to public health and safety.”
Neither Borges nor the SSA immediately provided comments on the disappearing email or the specific allegations. Efforts to reach Coristine, Moghaddassi, Solly, and Russo for comment were also unsuccessful. Independent journalist Marisa Kabas was among the first to report on Borges’s resignation and the subsequent disappearance of his email.