When Senator Gary Peters, Ranking Member of the Senate Homeland Security and Governmental Affairs Committee, released the report of the minority staff’s investigation into the Department of Government Efficiency (DOGE), the revelations should have sounded an alarm.
“DOGE isn’t making government more efficient – it’s putting Americans’ sensitive information in the hands of completely unqualified and untrustworthy individuals,” Peters declared. “They are bypassing cybersecurity protections, evading oversight, and putting Americans’ personal data at risk.”
DOGE also is involved in sketching out the outline of a far-reaching and intrusive national surveillance capability.
Created by President Trump on January 20 and initially led by Elon Musk, DOGE was billed as a drive to streamline bureaucracy and cut waste. But the report portrays something far more dangerous and insidious. It details a parallel apparatus with its own operatives, its own networks, and sweeping access to some of the most sensitive data on Americans in the federal government’s possession.
Built on various agency oversight visits and whistleblower disclosures, the report depicts an operation that has breached the boundary between “efficiency” reform and a culture of secrecy that includes armed guards, blacked-out windows, and locked rooms shielding DOGE teams from accountability.
What emerges is not only a tale of data insecurity at the Social Security Administration (SSA), but a broader picture of government-wide encroachment that includes the General Services Administration (GSA), the Office of Personnel Management (OPM) and, in parallel with media reporting, other departments including the Department of State and Department of Treasury.
At the center of the report is SSA’s Numerical Identification Files (NUMIDENT), the definitive ledger tied to Social Security numbers that underpins identity verification across the economy and supports Social Security and Medicare benefits.
According to whistleblowers interviewed by committee staff, DOGE personnel uploaded a live copy of NUMIDENT into a cloud environment without verified security controls and beyond standard SSA visibility, and granted DOGE employees administrator-level access that they could use to manipulate, delete, or export records. These individuals had unfettered access to SSA data inside that cloud environment.
The whistleblower disclosures described these shadowy DOGE employees – mostly young men ages 18 to their mid-20s – as effectively “the quarterback[s] of the data and the referee,” with the ability to change or exfiltrate information without normal oversight.
An official internal SSA risk assessment warned that, absent additional controls, the likelihood of a breach with “catastrophic adverse effect” was between 35 and 65 percent. The assessment contemplated outcomes ranging from “widespread PII [personally identifiable information] disclosure or loss of data” to “catastrophic damage” impairing SSA facilities and operations.
In a worst-case scenario shared with Senate staff, officials discussed the possibility that the United States might have to reissue Social Security numbers across the entire population if NUMIDENT were compromised.
The scale of such a compromise would dwarf the 2015 OPM breach. Because SSNs are the backbone of identity across finance, healthcare, and public benefits, a successful attack or undiscovered manipulation could paralyze lending, disrupt benefit payments, and force potentially hundreds of millions into years of costly identity remediation. As of early August, over 548.3 million Social Security numbers had been issued.
The report underscores that SSA leadership lacked clear visibility into DOGE’s cloud environment, compounding the risk that theft or manipulation could occur without detection.
The minority staff investigation was also unable to determine who is functionally in charge of policy and data decisions inside the agencies where DOGE has embedded itself. And officials of the agencies themselves were unable or unwilling to explain what DOGE teams were doing, who supervised them, or what data they could access. In some cases, information provided at briefings contradicted court filings and whistleblower accounts.
Formally, the White House identified Amy Gleason as the administrator leading the U.S. DOGE Service, the successor to the U.S. Digital Service. But whistleblowers told staff Gleason functioned as a figurehead with no real power over DOGE employees embedded in agencies. This opaque chain of command, the report concluded, prevents Congress from holding anyone accountable for DOGE’s actions.
The report documents that a federal court initially blocked DOGE’s access to certain SSA systems in early 2025, but that access was later restored while litigation continued. In the meantime, though, DOGE-aligned officials approved moving live NUMIDENT “production data” into the cloud environment despite internal warnings from SSA’s own security leadership that such use of production data in that setting violated policy.
The same pattern of secrecy and unusual privilege was found at GSA. Senate staff toured the executive suite and found DOGE programmers working amid stacks of laptops, and officials attempted to block views of cloud architecture diagrams drawn on a whiteboard.
GSA confirmed that bedrooms had been set up in the suite for “intermittent” use, yet staff were not allowed to see at least six of those rooms. Officials barred photos and later rejected a request for a follow-up visit.
Most striking was the installation of a Starlink satellite Internet system inside GSA headquarters. GSA, like other agencies, already runs a secure network subject to federal monitoring and controls.
Starlink’s presence raised the possibility that DOGE could move data outside GSA’s IT perimeter, bypassing continuous monitoring, privacy impact assessments, or other requirements under the Federal Information Security Modernization Act and OMB policy. Officials could not explain who authorized Starlink, who could access it, or whether it was integrated into existing security operations.
At OPM, officials provided information that directly conflicted with court filings made on the agency’s behalf and refused to acknowledge the existence of DOGE teams, despite an executive order requiring each agency to maintain a DOGE unit. And as at SSA and GSA, staff were blocked from meaningful engagement with DOGE personnel themselves. Routine oversight questions about team size, composition, and scope went unanswered.
The minority staff concluded that DOGE was in violation of the Privacy Act of 1974 and the E-Government Act of 2002, which restrict how agencies collect, combine, and disseminate PII and require public-facing notices and impact assessments when new programs use PII.
The staff report concluded that DOGE’s reported actions – especially the pooling of SSA data in a DOGE-managed cloud and attempts to combine records across agencies – appear to violate these statutes and related OMB guidance.
The staff’s findings also echo a wider trend documented throughout this administration in which “efficiency,” “fraud prevention,” and “modernization” have been used to justify increasingly expansive data collection and biometric surveillance, even as the technical capacity of systems outpaces the legal authority undergirding them.
The report warns that adversaries such as Russia, China, and Iran, who regularly probe U.S. networks and critical infrastructure, are likely aware of the new SSA cloud environment, saying that NUMIDENT would be an intelligence prize of extraordinary value that could enable long-term tracking, impersonation, or disruption.
Domestically, DOGE’s secretive access raises the specter of sensitive data being shared with private entities given the lack of agency visibility into the environment and the conflicts of interest embedded in DOGE staffing.
Because the NUMIDENT copy in the cloud was treated as “production data,” the risk is not limited to theft. Direct manipulation could undermine identity resolution across government and finance. The report’s core concern is that with DOGE acting as both operator and gatekeeper, normal guardrails failed.
While the Senate staff’s investigation was centered on SSA, GSA, and OPM, DOGE personnel also obtained access to sensitive Treasury datasets and housing-related records, prompting legal experts to warn of political abuse of financial information.
At the State Department there are concerns about the potential exposure of passport and visa systems, diplomatic and classified communications, and datasets with direct implications for foreign policy, counterintelligence, and national security.
Whistleblower disclosures cited by the Senate staff indicate that SSA data showed up in Department of Homeland Security and Department of Justice projects in atypical formats, raising questions about whether information moved outside formal interagency agreements.
The Senate staff report calls for immediate containment. It urges SSA to shut down the DOGE cloud environment that houses NUMIDENT and recommends revoking DOGE access to PII across the federal government until agencies can certify compliance with FISMA, the Privacy Act, the Federal Records Act, and related statutes.
It further recommends suspending DOGE operations government-wide until agencies can demonstrate that DOGE personnel are clearly within chain-of-command supervision, with full leadership visibility into any data-sharing, cloud builds, and transfer or exfiltration of agency data.
The staff also strongly urges the inspectors general to conduct comprehensive audits of access to sensitive systems, including whether DOGE individuals used standard processes for requesting and granting access, or instead obtained entry through threats or coercive tactics.
Finally, the report calls on agencies to release data-access privileges for DOGE personnel and to publish identities, titles, and position descriptions for all staff implementing DOGE-related executive orders.
Whether these steps occur is uncertain. According to the report, agencies failed to answer simple follow-up questions such as who occupies specific roles or how Starlink fits within required monitoring frameworks.
If left unchecked, the report suggests, an initiative that was sold as “efficiency” will metastasize into a vehicle for secrecy and risk, with shadowy individuals with extraordinary privileges and minimal accountability embedded deep into the agencies that hold the keys to Americans’ identities.
The question now is whether Congress, the courts, and the public can re-impose the basic guardrails of chain-of-command, transparency, and statutory authority before a worst-case scenario becomes reality.