John,

With the end of the government shutdown on the horizon, it’s time to demand action on an issue flying under the radar.

In August, a whistleblower high inside the Social Security Administration raised the alarm concerning a massive data breach that involves the largest exposure of Social Security numbers (SSNs) in U.S. history: an upload of private SSA data for every American — roughly 300 million people — to an unsecured private server tied to Elon Musk’s DOGE.

We don’t know why it happened, where those records may have gone, or who has access to them now.

To put the scale in context: this breach affects about twice as many people as were affected by the 2017 Equifax breach (148 million), which involved no SSNs; and more than 13 times the number affected by the 2015 Office of Personnel Management attack (22.1 million), which was thought to be state-sponsored and did include SSNs.

The enormity of this attack is significant, because it multiplies the long-term danger. Social Security numbers are permanent, unique identifiers. Unlike a password, you can’t “reset” an SSN. When SSNs are stolen with names, birthdates, and other personal data, criminals can:

build synthetic identities to open credit accounts and loans;
file false tax returns and steal refunds;
hijack medical records and benefits;
open or take over financial accounts, damaging credit and draining savings.

Because the data can be copied, sold, and reused indefinitely, victims of a breach this size face an elevated risk of identity theft and fraud for many years — even decades — after the initial exposure.

And what has the U.S. Congress done about this? So far, precious little.

Send a direct message to Senator Mike Crapo, Finance Committee Chair: Investigate the severe security breach at the Social Security Administration that has put the most sensitive personal data of every American at risk!

Sign & Send

Democrats on the Senate Finance Committee, led by Ranking Member Ron Wyden, have demanded an investigation, but Senate Finance Chair Mike Crapo has done virtually nothing — even before the government shut down. No hearings. No subpoenas. No investigation. Just a polite letter of inquiry without any followup. This level of complacency looks more like complicity, given the national security risk.

For his part, Trump’s chosen SSA commissioner, Frank Bisignano, has responded with chaos and coverups — weaponizing agency data, sabotaging the phone system, and pushing policies that appear aimed at privatizing core SSA functions. He appears to be intentionally weakening the system so it can be privatized, as alluded to in Project 2025.

The whistleblower is Charles Borges, the SSA’s former Chief Data Officer. The complaint says DOGE employees built a copy of the entire Social Security database in a cloud system that “circumvents oversight.” In his resignation, he described a “culture of panic and dread” and warned that he could not verify agency data were being used in accordance with legal agreements or federal requirements.

The unaccounted whereabouts of hundreds of millions of Social Security numbers and other private data puts every one of us at substantial risk of identity theft for years to come.

We deserve answers. How did this happen, who accessed and copied our data, and what steps will be taken to stop the damage and protect us in the future?

Tell Senate Finance Chair Mike Crapo: Investigate the sabotage at the Social Security Administration and protect every American’s right to have their highly sensitive private data handled securely.

Thank you for insisting the SSA must be held accountable and its data must be kept secure.

Robert Reich
Inequality Media Civic Action

SUPPORT OUR WORK

Sent via ActionNetwork.org. To update your email address, change your name or address, or to stop receiving emails from Inequality Media Civic Action, please click here.