An internal government watchdog and members of Congress are separately investigating new allegations that a Department of Government Efficiency staffer potentially misused sensitive Social Security data.

The Social Security Administration’s inspector general notified the leaders of several House and Senate committees on Mar. 6 that it is reviewing an anonymous complaint “on matters relating to the potential misuse of SSA data by a former DOGE employee, among other allegations,” according to a copy of the letter obtained by NPR.

This week, Congressional Democrats investigating DOGE’s access to Social Security data also announced an expanded probe after receiving whistleblower information alleging a former DOGE software engineer at SSA claimed to have retained copies of sensitive databases filled with personal information about almost every living American. The whistleblower’s allegations were first reported by the Washington Post on Tuesday.

According to the Post‘s reporting, the former DOGE employee claimed at least one database was held on a personal thumb drive, and claimed to have retained “God-level” access to SSA systems, the whistleblower alleged. The former staffer also allegedly told colleagues they wanted to share the data with their private-sector employer, the Post reported. NPR has not reviewed the whistleblower complaint.

Rep. Robert Garcia of California, the House Oversight committee’s top Democrat, called the allegations “deeply disturbing” and said they show the Trump administration’s “callous disregard for the safety and security of Americans’ most sensitive information.”

“Not only has an ex-DOGE bro been accused of running around with the Social Security information of every American on a flash drive, he also may have the ability to edit and manipulate data at the Social Security Administration at will,” Garcia wrote in a statement.

The Office of the Inspector General for the Social Security Administration declined to comment, saying it doesn’t confirm or deny the existence of law enforcement investigations.

The inspector general’s office told lawmakers in its Mar. 6 letter that it was not sharing further information about the anonymous complaint because that “risks jeopardizing any investigation and potentially chills future complainants from submitting anonymous allegations of fraud, waste, and abuse.”

An unnamed spokesperson for SSA disputed the whistleblower’s claims in an email to NPR.

“The allegations by a singular anonymous source have been strongly refuted by all named parties – SSA, the former employee, and the company. Even the Washington Post admitted they could not verify the information – because it is not true,” the spokesperson said. (The Post story did not name the former DOGE employee or the company they work for.)

“SSA is focused on continuing our digital-first transformation to deliver better, faster service for every American,” the spokesperson continued, and went on to disparage the Washington Post.

Democrats in Congress call for more investigations

The whistleblower alleged the former DOGE staffer claimed to have retained copies of two databases, NUMIDENT and the Death Master File, according to the Post‘s report.

The NUMIDENT database contains sensitive records for almost every American alive today, including Social Security numbers, dates of birth, place of birth and parents’ names. The Death Master File includes records for individuals who have been reported as deceased.

An aerial of The Social Security Administration’s main campus in Woodlawn, Maryland. The agency is investigating claims that DOGE employees misused sensitive personal data for millions of Americans.

Kayla Bartkowski/Getty Images

hide caption

toggle caption

Kayla Bartkowski/Getty Images

Advertisement

As part of the House Oversight Committee Democrats’ ongoing investigation into DOGE, Garcia is now asking the Social Security Administration to answer questions about DOGE’s data access and wants former DOGE staffers affiliated with SSA to contact the committee to “clarify the facts surrounding DOGE use of Americans’ sensitive data.”

Other Democratic lawmakers who received the letter from the SSA inspector general also called for investigations into the whistleblower’s allegations.

“These allegations describe one of the largest known data breaches in American history, perpetrated by Trump appointees for the explicit purpose of weaponizing Americans’ sensitive personal data for political gain,” Sen. Ron Wyden (D-Ore.), the ranking member of the Senate Finance Committee, said in a statement. “There must be a full public accounting of this breach at Social Security, including justice for anyone who committed or enabled criminal theft of Americans’ data.”

Rep. John B. Larson (D-Conn.) and Richard E. Neal (D-Mass.), who sit on the House Ways and Means Committee, said in a statement: “These continued revelations demand a full investigation with accountability if wrongdoing is confirmed.”

A growing pattern of DOGE data access concerns

The OIG investigation and the whistleblower complaint come after the Social Security Administration disclosed in January that DOGE employees secretly and improperly shared sensitive personal data in 2025 and that the agency could not verify the extent of the violations.

The January disclosure was made in an ongoing court fight over whether DOGE improperly gained access to SSA data and abused that access. The disclosure also said two unnamed DOGE employees were referred to a federal watchdog for potentially violating the Hatch Act, which bars government employees from using their job for political activity.

The court filing also said SSA found that the employees communicated with a political advocacy group about matching Social Security data with state voter rolls.

DOGE team members also circumvented the agency’s IT rules and improperly shared data on outside servers, sent private records to other DOGE staffers outside the agency and had access to some data even after a judge temporarily blocked access.

Charles Borges, the former chief data officer at SSA, filed his own whistleblower disclosure last year alleging DOGE staffers improperly copied a dataset of more than 300 million Americans’ information into a virtual database without following security protocols.

Borges’ complaint said that last summer, a former DOGE employee at the SSA requested that the agency make a copy of its NUMIDENT database to a private cloud server that would effectively give DOGE officials unfettered access to the data.

On Wednesday, Borges told NPR the allegations made in the new whistleblower complaint would have “generational consequences” if true.

“This is exactly the scenario that kept me up at night. An irrecoverable loss of the entirety of our personal data. Once that data has ‘left the building’, you cannot close Pandora’s Box again,” Borges said.

“The loss of this data would not be ‘just another data breach,’ but could represent a structural failure of our identity system,” he said. “It could require significant federal action, counterintelligence planning and response, and the consideration of a complete redesign of how identity works in the United States.”

Have a tip to share with NPR? Reach out through encrypted communications on Signal to Stephen Fowler at stphnfwlr.25, Jude Joffe-Block at JudeJB.10 and Shannon Bond at shannonbond.01. Please use a nonwork device.

A series of tornadoes hit parts of Texas, Illinois, and Indiana late Tuesday and overnight, as forecasters warn that the threat of severe weather, including flooding, will continue on Wednesday for tens of millions of people from Texas to Michigan.

At least four tornado touchdowns were reported in eastern Illinois, the National Weather Service (NWS) said, leaving a trail of damage stretching into Indiana, where at least two people were killed.

Video of a separate tornado in Taylor county, central Texas, on Tuesday was posted to weather.com. Officials there reported 60mph wind gusts and “baseball-sized” hail.

A search continued on Wednesday for possible victims of a supercell of storms that followed a path from Kankakee county, Illinois, into Indiana late on Tuesday. Rob Churchill, chief of the Lake Township fire department in Indiana, said in a video on Facebook that the small town of Lake Village had taken “a direct hit”.

“We have multiple homes destroyed, please stay away from the area,” he said.

Fire department officials said at an early morning Wednesday press conference that there were two fatalities, WTHR News, an NBC affiliate, reported. Details were not immediately available.

Shannon Cothran, sheriff of Newton county in Indiana, said in a separate Facebook video that the immediate threat of dangerous weather had passed, but first responders were faced with challenging circumstances as they dealt with the storm’s aftermath.

“[There’s] a lot of damage. Please do not come here. Do not try to help right now. We’ve got a lot of first responders out here doing their job, just give us some room,” he said.

The tornadoes in parts of Illinois and Indiana downed trees and power lines in an area south of Chicago, and overwhelmed 911 operators, officials said. The Kankakee county sheriff’s office said one tornado touched down near the Kankakee fairgrounds before moving north-east into Aroma park, where it caused extensive damage.

JB Pritzker, the Democratic Illinois governor, said in a post on X early Wednesday that he was briefed on the storm and tornado damage and that the state’s emergency management agency was in contact with local officials.

“Keeping in our thoughts all Illinoisans impacted by the severe weather – we’ll be here to help them recover,” he said.

Severe storms dumping rain and hail in parts of the midwest were threatening to bring intense tornadoes, damaging winds and very large hail from the southern plains to the southern Great Lakes, according to the NWS. States from Oklahoma to Michigan were under tornado watches.

Andrew Lyons, a meteorologist with the weather service’s storm prediction center, told the Associated Press that the exact number of tornado touchdowns would not be known until after officials conducted damage assessments.

He described it as a fairly typical early spring strong storm system that was expected to continue to move east and northeast towards the Atlantic coast on Wednesday, likely bringing more severe weather, he said.

Brandon Buckingham, an AccuWeather meteorologist, said at least 10 tornadoes were spotted in Illinois, Indiana and Texas.

“There were nearly 200 filtered reports of severe weather spanning more than 2,500 miles from Texas to Michigan,” he said in a post on the weather service’s website.

The forecaster said the chain of storms would peak midweek and “could become the most widespread and impactful severe weather outbreak so far this year”.

The severe weather could reach Washington DC by Wednesday afternoon, CBS News reported, bringing new threats of damaging winds and tornadoes. A line of storms was forecast to sweep east and move into Ohio and Tennessee, including the cities of Cincinnati, Memphis and Nashville, it said.