The Social Security Administration’s Office of Inspector General has launched an investigation into a whistleblower’s complaint alleging that a former employee at the Department of Government Efficiency had access to two highly sensitive Social Security databases and planned to share the information with his private employer.
The inspector general’s office has shared the disclosure with the Government Accountability Office, which has been conducting its own audit of DOGE’s access to Social Security data. The whistleblower filed the complaint in January, stating that a former DOGE software engineer — who worked at the federal agency last year before joining a government contractor in October — allegedly told co-workers he possessed two tightly restricted databases of U.S. citizens’ information and had at least one on a thumb drive.
The databases, Numident and the “Master Death File,” contain records for more than 500 million living and dead Americans, including Social Security numbers, birth information, citizenship status, race, ethnicity, and parents’ names.
According to the complaint, which was reviewed by the inspector general’s office, the engineer allegedly told the whistleblower he needed help transferring data from a thumb drive “to his personal computer so that he could ‘sanitize’ the data before using it at [the company].” He claimed he intended to remove personal details and upload the information to the company’s systems. When another colleague refused to assist due to legal concerns, the engineer reportedly stated he expected a presidential pardon if his actions were deemed illegal.
The complaint does not allege that the engineer successfully uploaded the data. The company conducted a “thorough” two-day internal investigation and concluded the assertions were unsubstantiated. An attorney representing the former DOGE employee denied all wrongdoing.
Social Security Administration spokesman Barton Mackey confirmed in a statement that “the allegation by a singular anonymous source has been found to be false based on evidence and investigations by all involved.”
Leland Dudek, who served as acting commissioner during early stages of DOGE’s work, stated he was unaware of the allegations but emphasized that sharing Numident data with unauthorized third parties violates agency rules and federal law.
The complaint follows a separate August filing by the agency’s former chief data officer, Charles Borges, which alleged that DOGE staff improperly uploaded copies of Social Security data to cloud services, risking individuals’ privacy. In January, the Trump administration acknowledged that DOGE staffers were responsible for data breaches, including sharing information through unapproved third-party services and a staffer signing an agreement to share data with a political group aiming to overturn election results in several states.
