FRESH

Hacker News

Home

Whistleblower claims ex-DOGE member says he took Social Security data to new job

620 points by raldi

by neonate

0 subcomment

https://archive.is/Mw5bh

by lateforwork

3 subcomments

Also relevant: The DOGE team set up a Starlink satellite at the White House [1].
DOGE staff installed the terminal on the Eisenhower Executive Office Building roof in February 2025 without notifying White House communications or cybersecurity teams, ignoring their prior warnings [2]. The resulting "Starlink Guest" Wi-Fi used only a password—no usernames or two-factor authentication—unlike standard networks requiring full VPN tunneling and device logging.
This allowed devices to evade monitoring, transmit untracked data outside secure channels, and potentially enable leaks or hacks, as noted by former officials and experts like ex-NSA hacker Jake Williams. A confrontation ensued with Secret Service when DOGE accessed the roof unannounced [3].
[1] https://www.nytimes.com/2025/03/17/us/politics/elon-musk-sta...
[2] https://www.washingtonpost.com/technology/2025/06/07/starlin...
[3] https://www.wired.com/story/white-house-starlink-wifi/

by scroot

4 subcomments

This comes on the heels of the AHA and other parties in the suit against the government posting the video depositions of some of the DOGE people to youtube [1], which are fascinating to watch.
Justin Fox not being able to say what DEI is really tells you everything you need to know about how grants were cancelled.
[1] https://www.youtube.com/@historiansorg

by aestetix

8 subcomments

> The Post is not naming the former DOGE member or company because it has not independently confirmed the accusations in the complaint.
Why not? Shouldn't the public be allowed to learn who all the DOGE employees were? Federal employees are public record, are they not?

by KingOfCoders

6 subcomments

Ex-employee alleges data copied to a flashdrive.
Agency: "Social Security initially denied Borges’s allegations and said the data referenced in his complaint is stored in a secure environment walled-off from the internet."
Ah walled of the internet, so no one can get there and copy the data to a flashdrive. Move on, move on!
You can't make that up.

by vibe_assassin

4 subcomments

The US has laws to handle stuff like this. The real problem is that the pardon power is completely broken and it needs to be removed.

by lenerdenator

4 subcomments

Cool. Investigate it. If they really did take data off a government system without permission, charge them with the most serious thing you can find in a district where they're likely to be convicted. Then send them to prison to delete years or decades off their lives.
See if Musk was in any way involved, or acted with such reckless disregard for known security standards that he could be civilly or criminally liable. Do the same as above for him.
The only way this stops is if consequences are introduced.

by 5upplied_demand

9 subcomments

Can any of the administration's defenders explain to me how this is actually a good thing and not the exact thing people were warning about a year ago?

by JKCalhoun

1 subcomments

Also: https://news.ycombinator.com/item?id=47327367#47327394
And: https://archive.is/Mw5bh

by shadowgovt

0 subcomment

This is probably a good time to mention that they court-martialed Chelsea Manning for exfiltrating Army documents.
I have a sinking suspicion this engineer won't see the inside of a jail cell.

by jmyeet

2 subcomments

I've always wondered what the endgame of that farce was. Cost-cutting was clearly always a pretense and a bad one at that. There's made up claims about 300 year olds getting Social Security but I think this only proves that the SSA database was an explicit goal and that was cover.
But why? The only conclusion I can come to is "stealing elections". I'll include this partial list I made of Republican voter suppression efforts going back decades [1].
I believe out there someone is collecting all this data into an AI model to predict how people will vote, something that Cambridge Analytica was a toy version of. But it goes beyond how people will vote but whether they will vote. Likewise, data will be constructed to strike off people from voter rolls if the system believes they won't vote how you want. We've seen efforts like this where similar-sounding names of felons in other states are used to strike off people from voter rolls. And that's a real problem because people might not know they're no longer registered to vote and in some states you have to register 30 or more days before the election.
There is essentially infinite money available to fund Republicans stealing elections because it results in public funding cuts to give even more tax breaks to billionaires.
You can't directly use the SSA databsae obviously so any effort must be small enough to not draw attention, involve part or all of the computing done overseas to avoid legal scrutiny and/or "washing" that data through data provider services. I would bet if you started exhaustively looking at various companies in or adjacent to these spaces, you'd find some pretty dodgy stuff.
[1]: https://news.ycombinator.com/item?id=47053453

by gslin

0 subcomment

https://ghostarchive.org/archive/F9qjY

by throw4847285

0 subcomment

Fraud as governance. Cool.

by thiago_fm

1 subcomments

Americans are about to find out why data protection laws exist in the EU, and why even the government has to follow it.
Nobody should have permission to query 70M Americans, it's a huge security flaw for the average citizen. But Pentagon has been doing this for a while a la Snowden, and the average american doesn't seem to be worried. With Snowden becoming a menace rather than a hero.
Once private government data from Americans starts being heavily used to mess up elections, or even worse, persecute people with a different opinion than the ruling party...
Americans will finally wake up that GDPR doesn't stiffle innovation, but rather protect its citizens from an evil actors.
But it may be too late, like when NSDAP started chasing jews and migrants. There was nothing they could do other than to flee to survive.

by mrweasel

7 subcomments

What kind of job would you realistically take this data to? What company would even so much as look at data procured in this manor. I can think of one that's evil enough and probably have the protection of the US government, but it's not like they could acquire the data directly, if it was necessary.

0 subcomment

by gslin

0 subcomment

archive: https://ghostarchive.org/archive/F9qjY

by ChrisArchitect

0 subcomment

Previously: https://news.ycombinator.com/item?id=47327367

0 subcomment

by himata4113

1 subcomments

looking at https://doge.gov seems to be defunct for around 7 months now? Also a little bit of review made me learn that doge.gov/spend is wrong lol.

by greatgib

0 subcomment

If we need to sum up the state of gov now I would pick the following quote:

   He told another colleague, who refused to help him upload the data because of legal concerns, that he expected to receive a presidential pardon if his actions were deemed to be illegal, according to the complaint.

by ajross

3 subcomments

I knew it. I was saying from the instant they started we'd have a scandal like this. Bunch of tech bros walking into the government with personal MBPs and administrative authority to demand data from anyone and everyone was a privacy crisis happening in real time.
Yet here on HN, what have we been arguing about? Big tech. Google and Meta have been allowed to become boogeymen in this community out of all proportion to the actual threat they posed[1].
While the actual boogeyman stealing our data to exploit in the market? It was us.
[1] I mean, lets be honest, while everyone has abstract complaints the truth is that they've actually been remarkably benign stewards of our data over the past 20 years. Much, much, MUCH more responsible than the glibertarian dude in the cubicle next to you, as it turns out.

by glitchc

0 subcomment

Society can only support so many sociopaths (~ 1 in 5) before it starts to collapse. We may have reached the tipping point.

by baggachipz

0 subcomment

[flagged]

by samrus

0 subcomment

[flagged]

by paxys

0 subcomment

[flagged]

by bitroughj

0 subcomment

[flagged]

by cbradford

0 subcomment

[flagged]

by mnmnmn

0 subcomment

Heil Elon lol

by mothballed

2 subcomments

It's probably safe to assume any non-classified information you provide to the government is for sale on the dark web.

by saalweachter

8 subcomments

I feel like when I was a twenty- something I would have been at risk of exfiltrating data like this not for any specific nefarious purpose or money-making scheme but just out of data hoarding.
Anymore I have zero desire to keep any copy of work code or other data on any personal device. Nope, never gonna need it, don't want it, just a potential legal headache with no upside.
But when I was younger? I could totally imagine getting a big juicy dataset like that and wanting a copy for myself. It'd make me feel special, having information no one else had.

by EchoReflection

0 subcomment

-Overall, we rate the New York Times Left-Center biased based on wording and story selection that moderately favors the left.
- Overall, we rate The Washington Post as Left-Center biased based on editorial positions that moderately favor the left. Due to a few failed fact checks, they earn a Mostly Factual rating.
- Wired: These media sources have a slight to moderate liberal bias. They often publish factual information that utilizes loaded words (wording that attempts to influence an audience by using appeal to emotion or stereotypes) to favor liberal causes. These sources are generally trustworthy for information but may require further investigation.
https://youtu.be/tRq-vVptMOk?si=t6xzvtqdhOZm80un ↑ Victor Davis Hanson: The Left’s Rage is a Symptom of a Movement in Decline
https://profrjstarr.com/the-psychology-of-us/the-need-to-be-...
"this too shall pass"