In today’s episode of things I can’t fucking believe…
A former DOGE employee allegedly walked out of the Social Security Administration with a thumb drive containing the personal data of over 500 million Americans, bragged about it to colleagues at his new job, asked them to help him “sanitize” it for company use, and when one of them said that sounded illegal, he told her not to worry – he figured Trump would pardon him.
I mean – truthfully – he’s probably not wrong.
The SSA’s inspector general is now investigating a whistleblower complaint that details the whole thing, and has already briefed four congressional committees and the Government Accountability Office. The guy was a software engineer who came in with the DOGE crew when they embedded about a dozen tech staffers at SSA headquarters starting in early 2025. Nobody put them on the org chart. The rest of the agency staff apparently had to figure out on their own why these people were suddenly everywhere.
What he allegedly walked out with are two of the most tightly restricted databases in the federal government. The first, Numident, is basically the master record for every Social Security number ever issued – names, dates of birth, places of birth, citizenship status, parents’ names.
The second is the Master Death File, which tracks deceased Americans and is heavily controlled because it’s a prime tool for identity theft if it gets out. Together, those two databases reportedly cover more than 500 million living and dead Americans. Social Security numbers. Race and ethnicity. The whole thing. On a thumb drive.
He then moved to a private government contractor in October and apparently could not stop talking about what he had. He asked a colleague to help him transfer the data from the thumb drive to his personal computer so he could strip out the identifying details and upload it to company systems. The colleague said no.
He told another colleague the same story. That colleague also said no, and apparently voiced some legal concerns, at which point the engineer said, essentially – yeah, that’s fine, I’ll just get a pardon.
He was so confident in his access to a presidential get-out-of-jail-free card that he said it out loud, to multiple people, as a solution to federal data theft. That’s not a guy worried about consequences. That’s a guy who thinks the rules genuinely don’t apply to him.
This is also not the first time DOGE’s approach to SSA data has been a disaster. The agency’s own chief data officer, Charles Borges, resigned last August after filing a whistleblower complaint alleging DOGE staffers made a live copy of SSA’s most sensitive database and stored it on a vulnerable cloud server – basically leaving the front door open.
In January, the Trump administration admitted in court that DOGE staffers had unauthorized access to SSA data and may have shared it outside the agency. A judge had already tried to block DOGE from accessing SSA systems entirely, calling the whole operation a “fishing expedition.” None of that slowed anything down.
The SSA’s official response when WaPo first contacted them was that the Post was “desperate for clicks and eager to publish fake news to scare seniors.” By the time the inspector general announced an actual investigation, that statement had aged about as well as you’d expect.
Here’s what makes this different from a typical data breach story. We’re not talking about hackers or a foreign government finding a vulnerability. We’re talking about someone who was invited in, given what he described as “God-level” access to the most sensitive civilian database in the country, then allegedly left with the crown jewels on a $10 thumb drive. And the SSA, apparently, didn’t notice. Or didn’t care. Or both.
Former chief data officer Borges put it plainly: “This is absolutely the worst-case scenario. There could be one or a million copies of it, and we will never know now.”
Yeah.
The engineer denies all of it through his lawyer. The company says an internal investigation found nothing. The SSA says the same. The inspector general, which is actually independent of the Trump administration, clearly found enough to open a formal investigation and loop in Congress – so at least someone with subpoena power is paying attention.
If you want to do something with this: contact your representatives and tell them you want public hearings on DOGE’s data access at SSA, not just a closed-door briefing. Rep. Robert Garcia is already pushing to expand the investigation, and right now that effort needs public pressure behind it to get anywhere. The House Oversight Committee is the place to direct that energy – their contact form is at oversight(dot)house(dot)gov. It takes two minutes.
The data of every American who has ever had a Social Security number is allegedly sitting on a thumb drive somewhere, waiting to be “sanitized.” And the guy who took it apparently thought the worst case scenario was a pardon from the president.
Sources- Washington Post – DOGE Social Security data theft investigation
- TechCrunch – DOGE employee stole Social Security data
- New Republic – DOGE Social Security data whistleblower
- Mediaite – Whistleblower alleges former DOGE employee absconded with data
- DNyuz – Whistleblower claims ex-DOGE member took data to new job
- Engadget – Social Security watchdog investigating DOGE engineer