TL;DR: In January 2026, court filings revealed that DOGE employees at the Social Security Administration copied data on more than 300 million Americans to an unapproved Cloudflare server, signed a "voter data agreement" with a political advocacy group to match Social Security records against state voter rolls, and retained access to SSA systems after a federal judge ordered them out. The SSA's chief data officer resigned in protest. Meanwhile, the administration expanded DOGE's data-sharing powers through new Systems of Records Notices, over the objection of 21,000 public commenters. This is how a "fraud detection" program became a voter-targeting operation.
What Happened at the SSA
In early February 2025, roughly 10 DOGE representatives showed up at the Social Security Administration and demanded access to agency systems. Not read-only access. Not limited access. Full access to databases containing earnings histories, death records, immigration status, and Social Security numbers for more than 350 million people [1].
They got it. And then things went sideways fast.
On March 3, 2025, a DOGE team member sent an encrypted, password-protected file containing names and addresses of approximately 1,000 people to the Department of Homeland Security and a DOGE advisor at the Department of Labor. The SSA doesn't know exactly what was in the file because it's still password-protected [2].
Between March 7 and March 17, DOGE employees used Cloudflare (a commercial internet services provider not approved for storing SSA data) to share agency information. The SSA can't determine what data was transferred or whether copies still exist on those servers [2].
On March 20, a federal judge issued a temporary restraining order blocking DOGE's access. The next day, DOGE officials allegedly directed staff to restore access for two staffers with expanded privileges [3].
On March 24, while the SSA claimed access had been terminated, one DOGE staffer was caught searching the agency's master database of all Social Security numbers [3].
The Voter Roll Deal
Here's where a data access scandal became a political operation.
In March 2025, an unnamed political advocacy group contacted two DOGE employees at the SSA with a request: match Social Security data against state voter rolls to "find evidence of voter fraud and to overturn election results in certain States" [2].
One of the DOGE employees signed a "voter data agreement" with the group on March 24, the same day another DOGE staffer was searching the SSA master database. The agreement was signed without SSA approval, in the employee's official capacity as a federal worker [2].
The DOJ didn't name the group. But in early March 2025, True the Vote (the election denial organization behind the debunked "2000 Mules" theory) published "An Appeal to DOGE: Audit the Voter Rolls." Their pitch: combine DOGE's access to federal databases with voter roll data to identify discrepancies [4].
The SSA says it hasn't confirmed that agency data was actually shared with the advocacy group. But the SSA also can't say for certain that it wasn't, because it doesn't know what went out through the Cloudflare server or the encrypted file [2].
The improper political activity triggered two Hatch Act referrals to the Office of Special Counsel [2].
The Whistleblower
Chuck Borges was the SSA's chief data officer. He watched DOGE staffers arrive, demand access, and start pulling data without following security protocols. He filed a whistleblower complaint alleging that DOGE employees had put the records of more than 300 million Americans at risk by creating a copy of agency data on a vulnerable cloud computing server [5].
Borges alleged that Aram Moghaddassi, a DOGE engineer, was granted simultaneous access to DHS's SAVE (Systematic Alien Verification for Entitlements) system and SSA databases, a combination that would allow cross-referencing immigration status against Social Security records. Moghaddassi later became SSA's co-chief information officer [3].
Antonio Gracias, a private equity investor working with DOGE at the SSA, made sweeping voter fraud claims that were later reduced to 57 referral cases [3].
Borges resigned in August 2025 [3].
The Government Admitted It All
On January 16, 2026, in the case of AFSCME v. Social Security Administration (Case No. 1:25-cv-00596-ELH), the Department of Justice filed a "notice of corrections" admitting the SSA had previously understated DOGE's data access [2].
The corrected record showed DOGE accessed:
- Employee records and facility access systems
- Fraud and analytics shared workspaces
- Data visualization tools connected to sources "which could provide access to PII"
- Enterprise data warehouse schemas
- The master database of all Social Security numbers
The filing also confirmed that DOGE personnel retained SSA system access after Judge Ellen Hollander's order restricting it [2].
In other words: the government's own lawyers admitted in court that DOGE employees violated a judge's order, sent data to unauthorized servers, signed political agreements with outside groups, and had more access to personal data than the administration originally told anyone.
The Response: Expand the Program
If you expected consequences, here's what happened instead.
In November 2025, the SSA published a new System of Records Notice (SORN) expanding disclosure of citizenship data to DHS through the SAVE system. The change permitted "bulk queries of citizenship data for hundreds of millions of SSN holders" [6].
Over 21,000 people submitted public comments. Nearly all opposed the expansion. Legal services providers warned that SSA's citizenship data is "incomplete, outdated, and inaccurate," particularly for naturalized citizens [6].
The SSA published the SORN anyway.
In January 2026, the agency published two more SORNs expanding data categories and adding 13 new "routine uses," including disclosures to law enforcement and the Office of the President [6].
On March 20, 2025, President Trump signed an executive order titled "Eliminating Information Silos to Stop Waste, Fraud, and Abuse." It requires agency heads to ensure designated officials have "full and prompt access to all unclassified agency records, data, software systems, and information technology systems." Agencies had 30 days to modify or rescind internal regulations blocking inter-agency data sharing [7].
The order also requires "unfettered access" to data from state programs that receive federal funds, including data held by third parties [7].
Rep. Lori Trahan (D-MA) called it "the biggest government privacy scandal since Watergate" and launched an initiative to modernize the 1974 Privacy Act [8].
"One Big, Beautiful Database"
Brookings published a detailed analysis in June 2025 comparing DOGE's project to the Total Information Awareness (TIA) program, the post-9/11 DARPA surveillance system that Congress killed in 2003 after the ACLU called it "the closest thing to a true 'Big Brother' program" [9].
The comparison is uncomfortable. TIA proposed merging credit card purchases, travel records, phone records, medical data, and government files into one searchable system. It was designed to detect terrorist activity. Congress shut it down because the potential for abuse was too obvious.
DOGE is building something broader. Where TIA had a narrow (if terrifying) purpose, counterterrorism, DOGE's data consolidation serves multiple goals: finding and deporting undocumented immigrants, rooting out "fraud" in government payments, and apparently, matching voter rolls against federal records [9].
The data DOGE has accessed spans at least 10 federal agencies: Treasury, SSA, OPM, Education, Commerce, Energy, Labor, HHS, Transportation, and Agriculture. At Treasury, that includes IRS tax returns. At OPM, it includes background checks, medical records, and biometric data. At the USDA, DOGE can view and modify data in the payment system [10].
According to Rep. Gerald Connolly's letter to agency heads, DOGE engineers assembled "backpacks full of laptops" to create specialized computers with "full access to networks and databases across different agencies" [9].
Congress killed TIA with 20 years less data to merge. DOGE has more data, fewer guardrails, and a Supreme Court that already sided with them 6-3.
What DOGE's "Fraud Detection" Actually Found
When DOGE implemented anti-fraud checks at the SSA, the tool flagged 2 out of 110,000 claims as "high probability" fraudulent. Two. Out of 110,000 [9].
Meanwhile, retirement claim processing slowed by 25% [9].
The system that copied 300 million records to an unsecured server, that signed deals with election deniers, and that violated a federal judge's access order, caught two potentially fraudulent claims. The ratio of privacy violations to fraud detected is not flattering.
What You Can Do
Check Your SSA Account
Log in at ssa.gov/myaccount and review your earnings record and contact information. Flag anything you didn't authorize.
Freeze Your Credit
With SSNs exposed across multiple agencies, freeze your credit at all three bureaus. Free, takes 10 minutes per bureau, and stops anyone from opening accounts in your name.
Get an IRS Identity Protection PIN
Prevents fraudulent tax filings using your SSN. Sign up at irs.gov.
Submit Comments on New SORNs
Federal agencies must publish SORNs before expanding data sharing. When you see one, comment. The SSA ignored 21,000 comments, but public pressure matters for the lawsuits challenging these expansions.
References
- NPR - Supreme Court grants DOGE access to confidential Social Security records (June 6, 2025)
- CNN - DOGE shared Social Security data to unauthorized server, according to court filing (January 20, 2026)
- NPR - The Trump administration admits even more ways DOGE accessed sensitive personal data (January 23, 2026)
- Democracy Docket - DOGE worked with political group to probe voter rolls, Trump admin admits (January 2026)
- Congressman John Larson - DOGE shared Social Security data through unsecured server (January 2026)
- Empire Justice Center - SSA Confirms DOGE Misuse of Data, as New SORNs Expand Data-Sharing (2026)
- FedScoop - Trump orders full access to agency data for designated officials (March 21, 2025)
- FedScoop - House Democrat wants to modernize privacy law in light of DOGE data access (March 2025)
- Brookings - Privacy under siege: DOGE's one big, beautiful database (June 25, 2025)
- Wikipedia - US federal agencies targeted by DOGE (updated 2026)