Imagine discovering the safe you trusted wasn’t locked after all. That’s the feeling hitting many Americans as details emerge about a potential breach of Social Security data. It appears that members of Elon Musk’s “Department of Government Efficiency” (DOGE) may have overstepped, and the repercussions could be far-reaching.
A recent court filing attempts to clarify earlier statements made by the Department of Justice (DOJ) regarding the DOGE team’s access to Social Security Administration (SSA) data. The initial assurances now seem, at best, premature. Let’s break down what this all means.
The filing, initially reported by Politico, revises previous declarations to the court. A March 20, 2025, temporary restraining order prompted the DOJ to state that all SSA DOGE team members’ access to systems containing personally identifiable information (PII) had been revoked. However, the new filing admits that one DOGE member was, in fact, running searches for PII as late as March 24, 2025.
The Story Shifts: What Did DOGE Really Access?
We’ve all been there: a friend promises they didn’t eat your cookies, only for crumbs to be found on their face. Similarly, earlier assurances about DOGE’s limited access to SSA systems don’t quite hold up. The filing corrects the record to show that an unnamed DOGE team member sent an email containing a file with Social Security data to individuals at the Department of Labor and Homeland Security.
While the DOJ claims the file is password-protected and inaccessible, they believe it contains personal information—names and addresses—of approximately 1,000 people “derived from SSA systems of record.”
Further corrections detail instances where a DOGE member accessed call center information after the court order prohibiting such access. There’s also the matter of DOGE members sharing data with Cloudflare in an unapproved manner.
What is Considered Personally Identifiable Information?
PII, or Personally Identifiable Information, includes any data that could potentially identify a specific individual. This can range from obvious things like Social Security numbers and addresses to less obvious data points that, when combined, could reveal someone’s identity.
The court filing goes on to list additional instances of DOGE members accessing private data on Social Security employees:
- Three DOGE Team members were granted access to a system containing SSA employee records for agency personnel for workforce initiatives.
- Two DOGE Team members were granted access to a system containing personnel access information to ensure terminated employees were unable to badge into the building or to access IT systems with their PIVs.
- Six DOGE Team members were granted access to a shared workspace that would have allowed DOGE Team members to share data to which the employees had separately been granted access for fraud or analytics reviews.
- Two DOGE Team members had access to a data visualization tool that could connect to other data sources, which could provide access to PII.
- Two DOGE Team members had access to additional EDW schemas beyond those reported as of March 12, 2025.
Political Ties: A Shadowy Agreement Emerges
It’s unsettling when the people meant to protect your privacy appear to fumble the ball. The most alarming revelation from the court filing points to a political advocacy group’s attempt to obtain Social Security data:
However, SSA determined in its recent review that in March 2025, a political advocacy group contacted two members of SSA’s DOGE Team with a request to analyze state voter rolls that the advocacy group had acquired. The advocacy group’s stated aim was to find evidence of voter fraud and to overturn election results in certain States. In connection with these communications, one of the DOGE team members signed a “Voter Data Agreement,” in his capacity as an SSA employee, with the advocacy group. He sent the executed agreement to the advocacy group on March 24, 2025.
The identity of this group remains unknown. Adding to the concern, the agreement’s existence was reportedly discovered accidentally during a review of a separate case.
At this time, there is no evidence that SSA employees outside of the involved members of the DOGE Team were aware of the communications with the advocacy group. Nor were they aware of the “Voter Data Agreement.” This agreement was not reviewed or approved through the agency’s data exchange procedures. SSA first learned about this agreement during a review unrelated to this case in November 2025.
What is the Hatch Act?
The Hatch Act is a United States federal law that limits certain political activities of federal employees, as well as some state, District of Columbia, and local government employees who work in connection with federally funded programs. Its goal is to that federal programs are administered in a nonpartisan fashion, to protect federal employees from political coercion, and to that federal employees are free from any political obligation.
The two DOGE members involved have been referred to a special counsel for potential Hatch Act violations. The real question is whether anyone will be held accountable for what appears to be a serious mishandling of sensitive information. Musk’s image remains largely untarnished, his wealth continues to balloon (€187 billion), and his relationship with Trump seems to be thawing.
Data is the new oil, and in this case, it seems some powerful players may have been drilling where they shouldn’t. Will this incident spark a genuine reckoning for data security practices within government, or is it just another ripple in the ever-turbulent sea of politics?