The Trump administration has acknowledged in court filings that two members of the Department of Government Efficiency, or DOGE, may have improperly accessed and shared Americans’ Social Security information while aiding a political effort to challenge election results. The disclosure, first surfaced in reporting by Politico and detailed by a Justice Department attorney, signals a serious breach of federal data safeguards and raises urgent questions about the politicization of highly sensitive government records.
What the Recent Federal Court Filings Reveal
According to declarations filed by Elizabeth Shapiro, a senior Justice Department official, a political advocacy group contacted two DOGE-linked employees embedded at the Social Security Administration (SSA) seeking to match voter rolls it had obtained against SSA data to find purported voter fraud. Shapiro wrote that one DOGE member, acting in an SSA capacity, signed a “Voter Data Agreement” with the outside group.
The filings say emails suggest DOGE personnel may have been asked to assist by tapping SSA datasets that, at the time, were subject to strict court-ordered limits. The data in question included Social Security numbers and other personally identifiable information. Shapiro noted there is no indication other SSA staff were aware of the communications or the agreement, and it remains unclear whether the data was ultimately shared. The agency referred the two employees for potential Hatch Act violations, which prohibit federal officials from using their positions to influence partisan outcomes.
How DOGE Access to SSA Systems Became a Flashpoint
DOGE, a Trump-era initiative that placed outside advisors and politically aligned staff across agencies to “streamline” operations, has faced mounting scrutiny over its reach into restricted systems. A federal judge previously ordered that DOGE members be blocked from SSA systems containing SSNs, medical records, driver’s license numbers, tax data, and other high-value datasets. A subsequent SSA whistleblower alleged DOGE facilitated the upload of hundreds of millions of Social Security records to a vulnerable cloud environment, a claim that prompted internal probes.
The SSA holds some of the government’s most sensitive personal data, covering the overwhelming majority of Americans. Any access beyond narrowly authorized, documented, and audited pathways runs afoul of the Privacy Act of 1974, agency policy, and the federal government’s zero-trust security mandates. Even exploratory data matching, if conducted outside formal agreements and approved systems, can constitute a reportable incident under federal information security standards.
Legal Risks And Election Integrity Concerns
Beyond the Hatch Act referrals, the episode could implicate the Privacy Act and SSA’s own data use agreements, which strictly limit disclosure of SSNs for non-program purposes. The Office of Special Counsel typically investigates Hatch Act cases, while the SSA Office of the Inspector General may examine any unauthorized access or transfer. The Justice Department could assess whether any criminal statutes are implicated, though most federal data misuse cases hinge on civil and administrative remedies.
Election law experts stress that using federal identity data to validate voter rolls is tightly regulated and technically fraught. Past attempts to crossmatch voters using sensitive identifiers have produced high error rates and false positives, disproportionately flagging legitimate voters. The Brennan Center and academic researchers have warned that large-scale cross-state matching—like the defunct Interstate Crosscheck program—misidentified supposed “duplicates” at alarming rates, with studies finding the vast majority of matches were wrong. Improper use of SSNs, even for “list maintenance,” can undermine confidence while exposing individuals to identity theft risk.
The Security Stakes for Americans and Their Data
SSNs are among the most prized credentials for criminals. The Federal Trade Commission routinely logs more than a million identity theft complaints annually, and consumer analysts have estimated tens of billions of dollars in losses tied to identity fraud in recent years. With roughly 330 million SSNs issued and more than 60 million Americans receiving monthly Social Security benefits, even limited misuse can have outsized impact—fueling tax refund fraud, medical identity theft, or synthetic identity schemes.
Federal cybersecurity policy has shifted toward zero-trust architectures, with the Office of Management and Budget’s guidance requiring granular access controls, continuous monitoring, and strict data segmentation. If DOGE personnel used unapproved “third-party” servers as the filings suggest, investigators will be scrutinizing audit logs, cloud configurations, and exfiltration pathways to determine exposure and whether any data left SSA’s secured boundary.
What Comes Next for SSA, DOJ, and Investigations
The SSA, DOJ, and potentially the Office of Special Counsel are likely to pursue parallel tracks: a personnel and ethics review, a technical investigation into any unauthorized access or transfers, and remedial security steps to harden systems. Congress may seek testimony from SSA leadership, DOGE principals, and the Inspector General to clarify how a politically connected team gained proximity to restricted datasets despite a court order.
Policy advocates are already calling for clearer firewalls between policy teams and operational data, mandatory public reporting when advisory entities touch high-value assets, and independent red-teaming of agency data-sharing agreements. Concrete measures could include immutable access logs, automatic session recording for privileged users, default data minimization, and time-limited access tokens with real-time anomaly detection.
The bottom line is stark: even the perception that federal identity data was brought into a partisan fight erodes trust. The court filings suggest the worst may have been averted, but the episode exposes gaps that require swift, transparent fixes. Protecting Social Security information is not merely a compliance exercise; it is foundational to the government’s credibility and to the everyday security of Americans’ identities.
