Former DOGE Engineer Accused of Stealing Massive Troves of Social Security Data
An anonymous whistleblower has alleged that John Solly, a former engineer for the Defense Operations for Government Efficiency (DOGE), stole highly sensitive Social Security Administration (SSA) data on a thumb drive with the intent of sharing it with his current employer, Leidos. The accusations, which remain unverified by third parties, claim Solly accessed two critical SSA databases NUMIDENT (the master database of all SSN applications) and the "death master file" (used to prevent fraud involving deceased individuals) during his tenure.
Solly, now employed in Leidos’ health IT division, reportedly sought assistance in transferring the data from the thumb drive to a personal computer and "sanitizing" it before uploading it to Leidos’ systems. When questioned about potential legal consequences, Solly allegedly stated he believed he could secure a presidential pardon. Both Solly and Leidos have denied the allegations, with Leidos asserting that a digital forensics investigation found no evidence of the data being uploaded to its systems.
The SSA has strongly refuted the claims, though the Government Accountability Office (GAO) and the SSA’s Office of Inspector General have launched investigations. Some House Democrats are pushing for a broader probe into potential DOGE-related leaks. If substantiated, the breach could rank among the largest in U.S. history, given the scale of personally identifiable information (PII) involved.
This is not the first controversy surrounding DOGE, a Trump-era agency co-developed by Elon Musk in 2024. The Supreme Court previously ruled that DOGE, operating as an external consultant, is not required to disclose its activities to the public. The agency has faced repeated accusations of mishandling SSA data, including allegations that staffers shared sensitive information via insecure cloud servers and sought to provide voter fraud evidence to a right-wing advocacy group in violation of the Hatch Act. DOGE is set to sunset in July 2025, with much of its operations already winding down.
Social Security Administr cybersecurity rating report: https://www.rankiteo.com/company/social-security-administr
united-states-department-of-defense cybersecurity rating report: https://www.rankiteo.com/company/united-states-department-of-defense
"id": "SOCUNI1773786686",
"linkid": "social-security-administr, united-states-department-of-defense",
"type": "Breach",
"date": "1/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'Potentially all U.S. citizens '
'with SSNs',
'industry': 'Government/Defense',
'location': 'United States',
'name': 'Defense Operations for Government Efficiency '
'(DOGE)',
'type': 'Government Agency'},
{'customers_affected': 'Potentially all U.S. citizens '
'with SSNs',
'industry': 'Government/Social Services',
'location': 'United States',
'name': 'Social Security Administration (SSA)',
'type': 'Government Agency'},
{'industry': 'Defense/IT/Health',
'location': 'United States',
'name': 'Leidos',
'type': 'Private Company'}],
'attack_vector': 'Insider Threat',
'data_breach': {'data_exfiltration': 'Alleged transfer to thumb drive and '
'attempted upload to Leidos systems',
'personally_identifiable_information': 'Yes (SSNs, PII)',
'sensitivity_of_data': 'High (SSNs, PII, death records)',
'type_of_data_compromised': ['Social Security Numbers (SSNs)',
'Personally Identifiable '
'Information (PII)',
'Death records']},
'description': 'An anonymous whistleblower has alleged that John Solly, a '
'former engineer for the Defense Operations for Government '
'Efficiency (DOGE), stole highly sensitive Social Security '
'Administration (SSA) data on a thumb drive with the intent of '
'sharing it with his current employer, Leidos. The accusations '
'claim Solly accessed two critical SSA databases (NUMIDENT and '
'the death master file) during his tenure. Solly and Leidos '
'have denied the allegations, and investigations are ongoing.',
'impact': {'brand_reputation_impact': 'Severe reputational damage to DOGE and '
'SSA if allegations are substantiated',
'data_compromised': 'Social Security Administration (SSA) data, '
'including NUMIDENT and death master file '
'records',
'identity_theft_risk': 'High (exposure of Social Security Numbers '
'and PII)',
'legal_liabilities': 'Potential violations of federal data '
'protection laws (e.g., Privacy Act, Hatch '
'Act)',
'operational_impact': 'Potential disruption to SSA operations if '
'data was exfiltrated',
'systems_affected': ['NUMIDENT database',
'Death Master File database']},
'initial_access_broker': {'high_value_targets': ['NUMIDENT database',
'Death Master File']},
'investigation_status': 'Ongoing (GAO, SSA OIG, potential congressional '
'probe)',
'motivation': 'Potential data sharing with current employer (Leidos)',
'post_incident_analysis': {'root_causes': 'Potential insider threat, lack of '
'physical access controls, insecure '
'data handling practices'},
'references': [{'source': 'Anonymous whistleblower allegations'},
{'source': 'Government Accountability Office (GAO) '
'investigation'},
{'source': 'SSA Office of Inspector General investigation'}],
'regulatory_compliance': {'regulations_violated': ['Privacy Act',
'Hatch Act (potential)']},
'response': {'communication_strategy': 'Denials from Leidos and Solly; SSA '
'refutes claims',
'third_party_assistance': 'Digital forensics investigation '
'(Leidos)'},
'threat_actor': 'John Solly (Former DOGE Engineer)',
'title': 'Former DOGE Engineer Accused of Stealing Massive Troves of Social '
'Security Data',
'type': 'Data Theft',
'vulnerability_exploited': 'Unauthorized physical access to sensitive data'}