DOJ Corrects Record on Unauthorized Sharing of Sensitive Social Security Data
The U.S. Department of Justice (DOJ) recently filed a formal correction in a Maryland federal court, acknowledging that earlier statements by senior Social Security Administration (SSA) officials claiming that employees from the Department of Government Efficiency (DOGE) had their access to sensitive data revoked were false. The DOJ clarified that these officials did not know the statements were inaccurate at the time.
The incident stems from March 2023, when DOGE employees detailed to the SSA shared sensitive government data via an unsecured third-party server, violating agency security protocols. The SSA remains uncertain about what specific data was exposed or whether it still exists on the server. The discrepancies came to light during an internal review last fall, with the SSA notifying the DOJ of its findings on December 10. The DOJ filed the corrections on January 16.
The disclosure underscores ongoing tensions between career SSA officials and DOGE over data-sharing practices. Security experts warn that the unauthorized transfer of sensitive information risks broad exposure, with no clear record of who accessed the data or what was compromised. The incident highlights vulnerabilities in federal data handling amid interagency conflicts.
Source: https://www.nytimes.com/2026/01/20/us/politics/doge-employees-social-security-data.html
U.S. Department of Justice cybersecurity rating report: https://www.rankiteo.com/company/usdoj
South Florida Social Security Attorneys cybersecurity rating report: https://www.rankiteo.com/company/social-security
"id": "USDSOC1768977122",
"linkid": "usdoj, social-security",
"type": "Breach",
"date": "3/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Government',
'location': 'United States',
'name': 'Social Security Administration (SSA)',
'type': 'Government Agency'}],
'attack_vector': 'Unauthorized Data Sharing',
'data_breach': {'personally_identifiable_information': 'Potential',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Sensitive government data, '
'potentially including personally '
'identifiable information'},
'date_detected': '2023-12-10',
'date_publicly_disclosed': '2024-01-16',
'description': 'The U.S. Department of Justice (DOJ) filed a formal '
'correction in a Maryland federal court, acknowledging that '
'earlier statements by senior Social Security Administration '
'(SSA) officials claiming that employees from the Department '
'of Government Efficiency (DOGE) had their access to sensitive '
'data revoked were false. The DOJ clarified that these '
'officials did not know the statements were inaccurate at the '
'time. The incident involves DOGE employees sharing sensitive '
'government data via an unsecured third-party server in March '
'2023, violating agency security protocols. The SSA remains '
'uncertain about what specific data was exposed or whether it '
'still exists on the server.',
'impact': {'brand_reputation_impact': 'Yes',
'data_compromised': 'Sensitive government data',
'identity_theft_risk': 'Yes'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Highlights vulnerabilities in federal data handling amid '
'interagency conflicts and the risks of unauthorized data '
'sharing via unsecured servers.',
'motivation': 'Interagency data-sharing conflicts',
'post_incident_analysis': {'root_causes': 'Unauthorized data sharing via '
'unsecured third-party server, '
'interagency conflicts, lack of '
'clear data-sharing protocols'},
'references': [{'source': 'DOJ Correction Filing'}],
'regulatory_compliance': {'legal_actions': 'DOJ correction filed in court'},
'response': {'communication_strategy': 'DOJ filed corrections in court'},
'threat_actor': 'DOGE Employees',
'title': 'DOJ Corrects Record on Unauthorized Sharing of Sensitive Social '
'Security Data',
'type': 'Data Breach',
'vulnerability_exploited': 'Unsecured third-party server'}