An internal government watchdog and members of Congress are separately investigating new allegations that a Department of Government Efficiency staffer potentially misused sensitive Social Security data.

The Social Security Administration’s inspector general notified the leaders of several House and Senate committees on Mar. 6 that it is reviewing an anonymous complaint “on matters relating to the potential misuse of SSA data by a former DOGE employee, among other allegations,” according to a copy of the letter obtained by NPR.

This week, Congressional Democrats investigating DOGE’s access to Social Security data also announced an expanded probe after receiving whistleblower information alleging a former DOGE software engineer at SSA claimed to have retained copies of sensitive databases filled with personal information about almost every living American. The whistleblower’s allegations were first reported by the Washington Post on Tuesday.

According to the Post‘s reporting, the former DOGE employee claimed at least one database was held on a personal thumb drive, and claimed to have retained “God-level” access to SSA systems, the whistleblower alleged. The former staffer also allegedly told colleagues they wanted to share the data with their private-sector employer, the Post reported. NPR has not reviewed the whistleblower complaint.

Rep. Robert Garcia of California, the House Oversight committee’s top Democrat, called the allegations “deeply disturbing” and said they show the Trump administration’s “callous disregard for the safety and security of Americans’ most sensitive information.”

“Not only has an ex-DOGE bro been accused of running around with the Social Security information of every American on a flash drive, he also may have the ability to edit and manipulate data at the Social Security Administration at will,” Garcia wrote in a statement.

The Office of the Inspector General for the Social Security Administration declined to comment, saying it doesn’t confirm or deny the existence of law enforcement investigations.

The inspector general’s office told lawmakers in its Mar. 6 letter that it was not sharing further information about the anonymous complaint because that “risks jeopardizing any investigation and potentially chills future complainants from submitting anonymous allegations of fraud, waste, and abuse.”

An unnamed spokesperson for SSA disputed the whistleblower’s claims in an email to NPR.

“The allegations by a singular anonymous source have been strongly refuted by all named parties – SSA, the former employee, and the company. Even the Washington Post admitted they could not verify the information – because it is not true,” the spokesperson said. (The Post story did not name the former DOGE employee or the company they work for.)

“SSA is focused on continuing our digital-first transformation to deliver better, faster service for every American,” the spokesperson continued, and went on to disparage the Washington Post.

Democrats in Congress call for more investigations

The whistleblower alleged the former DOGE staffer claimed to have retained copies of two databases, NUMIDENT and the Death Master File, according to the Post‘s report.

The NUMIDENT database contains sensitive records for almost every American alive today, including Social Security numbers, dates of birth, place of birth and parents’ names. The Death Master File includes records for individuals who have been reported as deceased.

An aerial of The Social Security Administration’s main campus in Woodlawn, Maryland. The agency is investigating claims that DOGE employees misused sensitive personal data for millions of Americans.

Kayla Bartkowski/Getty Images

hide caption

toggle caption

Kayla Bartkowski/Getty Images

Advertisement

As part of the House Oversight Committee Democrats’ ongoing investigation into DOGE, Garcia is now asking the Social Security Administration to answer questions about DOGE’s data access and wants former DOGE staffers affiliated with SSA to contact the committee to “clarify the facts surrounding DOGE use of Americans’ sensitive data.”

Other Democratic lawmakers who received the letter from the SSA inspector general also called for investigations into the whistleblower’s allegations.

“These allegations describe one of the largest known data breaches in American history, perpetrated by Trump appointees for the explicit purpose of weaponizing Americans’ sensitive personal data for political gain,” Sen. Ron Wyden (D-Ore.), the ranking member of the Senate Finance Committee, said in a statement. “There must be a full public accounting of this breach at Social Security, including justice for anyone who committed or enabled criminal theft of Americans’ data.”

Rep. John B. Larson (D-Conn.) and Richard E. Neal (D-Mass.), who sit on the House Ways and Means Committee, said in a statement: “These continued revelations demand a full investigation with accountability if wrongdoing is confirmed.”

A growing pattern of DOGE data access concerns

The OIG investigation and the whistleblower complaint come after the Social Security Administration disclosed in January that DOGE employees secretly and improperly shared sensitive personal data in 2025 and that the agency could not verify the extent of the violations.

The January disclosure was made in an ongoing court fight over whether DOGE improperly gained access to SSA data and abused that access. The disclosure also said two unnamed DOGE employees were referred to a federal watchdog for potentially violating the Hatch Act, which bars government employees from using their job for political activity.

The court filing also said SSA found that the employees communicated with a political advocacy group about matching Social Security data with state voter rolls.

DOGE team members also circumvented the agency’s IT rules and improperly shared data on outside servers, sent private records to other DOGE staffers outside the agency and had access to some data even after a judge temporarily blocked access.

Charles Borges, the former chief data officer at SSA, filed his own whistleblower disclosure last year alleging DOGE staffers improperly copied a dataset of more than 300 million Americans’ information into a virtual database without following security protocols.

Borges’ complaint said that last summer, a former DOGE employee at the SSA requested that the agency make a copy of its NUMIDENT database to a private cloud server that would effectively give DOGE officials unfettered access to the data.

On Wednesday, Borges told NPR the allegations made in the new whistleblower complaint would have “generational consequences” if true.

“This is exactly the scenario that kept me up at night. An irrecoverable loss of the entirety of our personal data. Once that data has ‘left the building’, you cannot close Pandora’s Box again,” Borges said.

“The loss of this data would not be ‘just another data breach,’ but could represent a structural failure of our identity system,” he said. “It could require significant federal action, counterintelligence planning and response, and the consideration of a complete redesign of how identity works in the United States.”

Have a tip to share with NPR? Reach out through encrypted communications on Signal to Stephen Fowler at stphnfwlr.25, Jude Joffe-Block at JudeJB.10 and Shannon Bond at shannonbond.01. Please use a nonwork device.