Social Security Administration Admits DOGE Had Broader System Access Than Initially Disclosed

The Social Security Administration (SSA) has formally admitted in federal court that it initially underreported the scope of improper access and data handling by the Department of Government Efficiency (DOGE) within its systems. A new Department of Justice filing, submitted as a record correction, reveals that DOGE's activities extended far beyond what was previously disclosed, including unauthorized data sharing, retained system access after a court order, and potential political activities that have triggered Hatch Act investigations.

Expanded Scope of Unauthorized Access

The DOJ filing, submitted on behalf of the SSA in a lawsuit brought by multiple US government employee unions, directly contradicts statements made in March by then-acting SSA Commissioner Leland Dudek. While Dudek had maintained that DOGE "never had access to SSA systems of record," the new evidence shows that DOGE employees retained access to a range of SSA systems well after US District Judge Ellen Hollander issued a temporary restraining order limiting that access.

The systems accessed included:

• SSA employee records and facility access systems
• Fraud and analytics shared workspaces
• Data-visualization tools connected to other data sources that "could provide access to PII"
• Enterprise data warehouse schemas beyond those previously reported

These access privileges remained active for various DOGE employees until they were terminated in late March, despite the judicial order intended to restrict their activities.

Unauthorized Data Transmission and Cloudflare Usage

Perhaps more concerning than retained access is the evidence of data being transmitted outside the SSA's secure environment. The filing reveals that DOGE employees sent an encrypted, password-protected file to the Department of Homeland Security and a DOGE advisor at the Department of Labor. The SSA believes this file contained personally identifiable information (PII) derived from its systems of record, including names and addresses of approximately 1,000 individuals.

Crucially, the SSA has been unable to access this encrypted file to determine its actual contents. "From the explanation of the attached file in the email body and based on what SSA had approved to be released to DHS, SSA believes that the encrypted attachment contained PII derived from SSA systems of record," the DOJ explained.

Additionally, the SSA discovered that DOGE employees were using Cloudflare to share data among themselves, a practice that violates SSA security protocols. "Cloudflare is not approved for storing SSA data and when used in this manner is outside SSA's security protocols," the filing states. "SSA did not know, until its recent review, that DOGE Team members were using Cloudflare during this period."

The SSA has been unable to determine exactly what data was shared to Cloudflare or whether the data still exists on the server. This finding lends credibility to whistleblower claims from August 2025, which alleged that DOGE was transmitting data from the SSA's Numident database—a master record of every Social Security card application ever submitted—to an unauthorized cloud environment.

Political Activity and Hatch Act Violations

The most serious allegation involves potential political activities by DOGE employees. Email evidence shows that two DOGE employees at the SSA were approached by a political advocacy group seeking assistance in finding evidence of voter fraud to overturn state-level elections. One of the employees signed a "voter data agreement" with the unnamed group without SSA review or approval through the agency's data exchange procedures.

"DOGE Team members could have been asked to assist the advocacy group by accessing SSA data to match to the voter rolls," the filing states, though it notes that "SSA has not yet seen evidence that SSA data were shared with the advocacy group."

These activities have led to referrals to the US Office of Special Counsel over potential Hatch Act violations. The Hatch Act of 1939 restricts certain political activities by federal civil service employees, including using government resources for political purposes.

Compliance and Legal Implications

The SSA maintains that Dudek's original statements were accurate when made and remain so today, despite the contradictory evidence presented in the DOJ filing. This position raises questions about the agency's internal oversight and reporting mechanisms.

The case has significant implications for federal data security protocols and the oversight of special government initiatives like DOGE. Several key compliance issues emerge:

1. Data Governance: The unauthorized use of Cloudflare and encrypted file transfers demonstrates gaps in the SSA's data governance framework, particularly regarding third-party service approval and data handling procedures.

2. Access Control: The retention of system access after a judicial order highlights weaknesses in the SSA's access control mechanisms and the challenge of revoking permissions across complex federal IT systems.

3. Political Activity Monitoring: The Hatch Act referrals indicate potential failures in monitoring employee activities for compliance with federal ethics regulations.

4. Audit Trail: The SSA's inability to determine what data was shared via Cloudflare or contained in the encrypted file points to inadequate audit logging and monitoring capabilities.

Broader Context

This case is part of a larger pattern of scrutiny surrounding DOGE's activities across multiple federal agencies. The initiative, led by Elon Musk, was ostensibly created to identify cost-cutting opportunities but has faced criticism for its methods and potential overreach.

The SSA case is particularly sensitive given the agency's role in managing critical personal data for millions of Americans. The Numident database, mentioned in whistleblower reports, contains some of the most sensitive information in the federal government, making any unauthorized access or transmission a serious security concern.

The lawsuit against the SSA was filed by multiple US government employee unions concerned about the agency's handling of the DOGE situation and its impact on both data security and employee rights. The plaintiffs have not yet responded to the new revelations in the court filing.

Next Steps and Oversight

The Department of Justice has clarified that it is not investigating DOGE itself, as its role in this case is limited to representing the SSA in the lawsuit. This leaves oversight of DOGE's activities to other agencies, including potentially the Office of Special Counsel for the Hatch Act violations and the Office of Inspector General for broader misconduct.

The SSA will likely face increased scrutiny from Congress and oversight bodies regarding its data security protocols and the management of special initiatives. The agency may need to implement more robust monitoring systems, stricter third-party vendor approval processes, and enhanced employee training on data handling and political activity restrictions.

For federal agencies working with sensitive data, this case serves as a cautionary tale about the importance of maintaining clear boundaries between operational initiatives and proper data governance. The SSA's admission that it initially underreported the scope of DOGE's activities suggests that even well-established agencies can struggle with oversight when special projects operate outside normal channels.

The full implications of the data shared via Cloudflare and the encrypted file remain unclear, but the SSA's inability to access or audit this information represents a significant gap in its security posture. As the case proceeds, additional details may emerge about the extent of the data exposure and the specific compliance failures that allowed these activities to occur.

Image: Featured image showing the Department of Government Efficiency concept