Safety of All Social Security Data in Question After DOGE Whistleblower Complaint

A whistleblower complaint from an anonymous DOGE insider has raised questions about the safety of US social security data, as a former engineer has been accused of essentially making off with all of the sensitive information on a thumb drive.

Before getting into a panic, it is important to note that the only source thus far is the whistleblower claims and the story has not been corroborated by third parties. The engineer was accused of bringing the social security data to his next employer; that employer has conducted an investigation and says they see no evidence of it ever being uploaded to them. It is far from the first accusation of DOGE members playing fast and loose with sensitive data, however, and has sparked another of what are now a number of investigations and inquiries.

Staffer accused of pirating social security data, boasting about presidential pardon

The breach would be one of the biggest of all time if it did unfold as the accusations suggest, with essentially all Social Security number holders impacted. Among other things the case involves alleged theft of NUMIDENT, the numerical index file that contains all Social Security numbers issued since 1936 along with applicant personal information.

DOGE members have previously been accused of mismanaging social security data by transferring it to insufficiently secure cloud servers, but this is the first clear accusation of theft. In January two former DOGE staffers had an investigation opened by the Justice Department for communicating with a right-wing advocacy group seeking information to overturn state elections, but it remains unclear if any data was actually turned over in that case.

The member accused in this case, John Solly, was previously named in a complaint made by the former SSA chief data officer in 2025. Solly was named then as one of several DOGE staffers that requested NUMIDENT data be moved to an insecure cloud server. In this case, Solly is accused of taking both the NUMIDENT files and the “death master file” used to prevent the SSNs of deceased persons from being used for fraud. The whistleblower says that when they confronted Solly about removing this data, Solly claimed that he would get a presidential pardon if any trouble came of it.

Social security data may have been transferred to private employer

The whistleblower claims that Solly’s plan for the alleged purloined social security data was to turn it over to his new employer, Fortune 500 firm Leidos. The anonymous source alleges that Solly copied the data in question from a thumb drive to a personal computer, then asked them about “sanitizing” it ahead of a planned upload to Leidos. Leidos spokesperson Todd Blecher has responded to the story by saying that the company conducted a digital forensic investigation and found that Solly never uploaded any of this data or connected any sort of storage device to his company-issued laptop.

Several reviews and investigations into DOGE’s handling of sensitive data have now been initiated, including one by the Social Security’s Office of Inspector General into these specific whistleblower claims. But many of these efforts have been stymied by the fact that DOGE essentially operates as an outside contractor with limited visibility or requirements to report to government agencies.