Borges says that career cybersecurity officials within the SSA described the decision to copy the data as “very high risk” and even discussed the possibility of having to re-issue Social Security numbers to millions of Americans in the event the cloud server was breached.
The server appears to have been set up inside the SSA’s existing cloud infrastructure, which is run by Amazon Web Services. However, according to the complaint, the copied data had far fewer security measures in place to protect it than SSA’s standard protocols typically require.
According to Andrea Meza, an attorney with the Government Accountability Project who represents Borges, the cloud environment appeared to be set up for DOGE-affiliated Social Security staffers but that it “lacks independent security, monitoring and oversight.” She said Borges “has serious concerns about the vulnerability it causes for nearly every American’s data.”
Any paperwork you fill out essentially requires you to fill in your SSN. They might as well be public considering how many businesses claim they need it. SSNs have been highly insecure for decades now.
Yeah, not to mention the Equifax breach.
